>>>>> "Jay" == Jay Tingiris <jtingiris @
Jay> Low Cost Firewall: $2,000 US (hardware/software included)
Jay> Supported Services:
Jay> 1) TCP/IP filtering mechanism that allows for
Jay> priority queuing
Jay> 2) HTTP caching proxy support (internal and
Jay> 3) FTP caching proxy support (internal and external)
Jay> 4) GOPHER caching proxy support (internal and external)
Jay> 5) Telnet proxy support (internal and external)
Jay> 6) SMTP secured mail transport mechanism (inbound and outbound)
Jay> 7) DNS Server Capability (forwarding, caching, and secondary
Jay> 8) HTTP Server Support for External/Internal WWW pages
Jay> 9) MBONE tunnel Jay> endpoint (secure internal broadcast)
Jay> 10) IRC Client and Server support (internal and external)
Jay> 11) WAIS caching proxy support (internal and external)
Jay> 12) POP mail support
Jay> 13) Automatic Status reports and cache management features.
Jay> 14) ALL ON THE SAME MACHINE!
I would consider putting all of these things on the same machine to be
-at best- an unwise move.
Perhaps the biggest problem here is that you've got a single machine
upon which you become critically dependant, and that machine is a
single point of failure. From a security standpoint, as well as a
functionality standpoint. If someone launches a denial of service
attack against your web server, it can take out your mail relay,
too. And DNS, and proxy caching server, etc... you get the idea.
Further, you've complicated setup, because now you need to make sure
that everything is working together, which may or may not be a big
deal. But it is a more complicated configuration to have to rebuild if
the machine catches on fire...
I fear that we're going to start seeing lots of these silly machines
start coming up ... everything in one. A bad idea for security, a bad
idea for service ... but they, like so many other dumb things that
people with money claim to "need," will probably become successful
products from the perspective of marketing and profitability. Sigh.
C Matthew Curtin [AT&T|Bell] Labs Internet Posse
http://www.att.com/homes/matt_curtin.html PGP OK cmcurtin @