On 14 Feb 1997, massimo.cotrozzi wrote:
> >A question for all you corporate types out there.
> >Does anyone use the reporting capabilities of their firewall to allocate
> >costs to individual depratments/users so as to enable a charge-back
> >structure for internet usage? Do most firewalls allow reporting on this
> >sort of basis or would a seperate package have to be used, in which case
> >which ones are out there and what do people recommend?
> >Mike Blaser - IT Security Analyst mike @
> >Vertex Data Science Ltd +44 (0) 1925 236831
> >TA29, Dawson House Comments and opinions are those of the
> >Great Sankey, Warrington, UK author and not of Vertex Data Science Ltd
> Can you believe that what you think could be a Very Useful Mechanism
> is ILLEGAL in Italy ?
> Dunno if any italian fw implementor have ever faced with sindacates
> problems while performing their job .
I did an assignment in Italy (auditing a UNIX network) and realized that
their logging was unsufficient for creating useful accounting
and audit-trails, so in my naive thinking I recommended some more detailed
logging and accounting mechanisms....
When the network administrator said he could not do that because of legal
considerations I thought he was joking (or just a lazy administrator)....
It turned out to be true. What we did is create a mechanism by which we
did not log and account for activities of individuals but of some
pseudo users. The problem continued to be that we could not trace
individual activities (well.. we could, but that would be illegal), but
for accounting purposes and billing departments it did work well enough.
I don't remember the exact details and the legal consequences.
Wear glasses if you need them
From: "massimo.cotrozzi" <massimo .