Great Circle Associates Firewalls
(July 1996)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Protecting our INTRANETS
From: Watta Louis <05000DAC @ MX . PACIFIC . GTEGSC . COM>
Date: Wed, 24 Jul 96 07:39:00 PDT
To: firewalls <firewalls @ greatcircle . com>

Being a government contract agency, we get many projects that might have
subcontractors working on the project. Usually they stay in their own land
and just deliver us software when the date is due.

Now in the land of T1, and 56k lines we have a codevelopment effort, with
"datasharing". 

As a security concern we create and isolated network and do not connect the
"Dirty" network to the corporate backbone.  

So we have T1s and 56k lines out the whazoo, and all types of contractors and
subcontractors in house. Yes some of them physically work here at our site. 

Problem is management wants to connect the dirty network to the corporate
backbone to provide mail, httpd, etc...  (they don't like seeing two machines
on persons desk) Mails not a problem that should be easy to setup. The
problem is protecting our "Intranet".Like all big companies we are moving
towards information overload most of it via http.  Everything, is available
via http. The phonebook, HR stuff, information on other programs, etc... 

My problems is http. Everything I can find seems to point to http being
proxied. That does not work for me. I need http to be authenticated. I have a
development environment (aka unix, mostly Solaris) where a users can go login
at any machine. And it needs to stay that way. I need a stopgap, such that
when a user starts Netscape it asks for a username and password.  Now I know
I could probably use sockisfied clients and then write a wrapper around it.
But I was looking for some other ideas.

I beleive this is going to become a bigger problem as the keyword is no
longer "Internet" its "Intranet", companies share info together in realtime,
and the number of books in the bookstore is just as large as java. 

Is anybody else running into this type of problems? and if so how have you
been handling it?

Louis Watta
System Admin    GTE Government Systems RTP, NC
watta .
 louis @
 mail .
 ndhm .
 gtegsc .
 com


Follow-Ups:
Indexed By Date Previous: Re: PREDICTIONS, MUST BE BREAK TIME...
From: Christian Kuhtz <chk @ psa . pencom . com>
Next: Re: Re: Sidewinder Versus EagleRaptor (really going out of topic)
From: "Mattias Lindstr\vm" <mattias . lindstrom @ ihc . se>
Indexed By Thread Previous: RE: trusting the firewall
From: Miller Robert RC <MILLERRC @ USUWPHARMS . zen . com>
Next: Re: Protecting our INTRANETS
From: Brian Hatch <bri @ ifokr . org>

Google
 
Search Internet Search www.greatcircle.com