We're a large financial institution, looking into the desirability and/or
feasibility of connecting to the Internet.
Security is (What a shock!) a prime concern and I've begun looking at the
TIS Toolkit and DEC's SEAL offering as the basis for a protecting firewall.
We're discounting a 'Black Box' approach, as not leaving us with enough
flexibility or control after the installation.
With SEAL, DEC provides EVERYTHING - hardware, software, setup, tailoring,
and staff training but since we have have VERY little UNIX experience, we'd
probably require the services of a security consultant (TIS?) even if we
went the Toolkit route.
>From what I can gather, the Toolkit will support Dual-Homed Gateway,
Screened Host, or Screened Subnet approaches, while SEAL is based on
the latter.
I like to get your knowledgeable opinions on the design issues themselves
as well as these two products.
Thanks,
Peter von Zirpolo
|
|
