I think Bill Husler <bhusler @
community .
net> said:
>Our local SunSoft rep just gave us a presentation on FW-1 and it seems
>that FW-1 allows you to manage Cisco routers as well as FW-1 Filters (for
>application gatewat and Dynamic packet filtering). This would provide
>both levels and on separate boxes while centralizing administration.
>Sound kinda cool.
>Bill
Do you really think it is a good idea to:
1. Keep your router passwords in your firewall so it can remote update your
router configuration?
2. Send your router passwords over the net for remote update of your router
configuration?
3. Allow remote update of your router configuration in any case, if you can
avoid it?
The whole concept of "It is easy" vs. "Is it secure" lies in this type of
"feature." I vote no to the above questions. Yes; it does make my life
more difficult. IMO the increased security level is worth the extra work.
My $.02. Ken
[][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]
[] []
[] Ken Stephens Senior Capacity Planner/Data Security Officer []
[] email: Ken_Stephens @
miconsulting .
com Voice (313) 876-5081 []
[] Michigan Employment Security Commission (MESC) Fax (313) 876-6827 []
[] 7th Fl. I.S. []
[] 7310 Woodward Ave []
[] Detroit, MI 48202 []
[] []
[] Millennium Consulting Your Security Policy is only []
[] 28234 Diesing Dr. as strong as your organization's []
[] Madison Heights, MI 48071 commitment to it. []
[] []
[][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]
Follow-Ups:
|
|
