Mark Goring wrote:
| Out of interest, as this seems to be the place to ask...
| Any opinions as to what level of security the system behind the firewall
| should be?
| I recently attended a seminar where it was recommended the system behind
| the firewall should be B2 level secure.
It depends on what you have on the network. :)
Less flipantly, you need to weigh costs vs risk. The reason
firewalls are useful is because it makes it possible to concetrate your
risks. This is handy because its impossible to secure every machine
in a class B net.
If you have a set of 12 machines which control the issuance of
money, you should make each of them quite secure. If you have a lab
full of student acccess terminals, you should assume the lab contains
hostile folks and either tie it down very tightly, or label it
hostile. Or both.
"It is seldom that liberty of any kind is lost all at once."