North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: [Re: Level3 routing issues?]
- From: Joshua Smith
- Date: Mon Jan 27 17:06:34 2003
Simon Lockhart <email@example.com> wrote:
> On Mon Jan 27, 2003 at 04:16:00PM -0500, firstname.lastname@example.org wrote:
> > Again, but why does it talk to the outside world unsupervised? Your
> > organization clearly has a border that separates its internal systems
> > external ones. Why not apply those restrictions on *those* borders?
> From inside the organisation to outside, yes, ish. Except all those SSL
> on random port numbers. And other protocols which use random port numbers
> (not just peer-to-peer, but also things like FTP, etc).
> But, we were talking about end-user connected into the inside network using
> a VPN. That user needs to have pretty much unfettered access to the
> business parts of your internal network. (Okay, mission critical stuff
> should be seperately firewalled, but MS makes that hard enough, due to
> things like Active Directory, where everything needs to talk to
and don't forget the fact that nearly every M$ service pack/'critical'
update changes what ports that program is using (exchange/outlook are
really bad about this)
> Simon Lockhart | Tel: +44 (0)1628 407720 (BBC ext 37720)
> Technology Manager | Fax: +44 (0)1628 407701 (BBC ext 37701)
> BBC Internet Services | Email: Simon.Lockhart@bbc.co.uk
> BBC Technology, Maiden House, Vanwall Road, Maidenhead. SL6 4UB. UK
"Walk with me through the Universe,
And along the way see how all of us are Connected.
Feast the eyes of your Soul,
On the Love that abounds.
In all places at once, seemingly endless,
Like your own existence."
- Stephen Hawking -