decloaking in progress .....
We are in the process of designing a corporate-wide firewall strategy
and have come across an interesting question: In the long run, is it better
to give geographically dispersed sites their own firewall, or to route them
through a single, central firewall. One thing making the central option
look attractive is the lack of technical expertise and resources at our
remote sites, calling into question their ability to maintain and monitor a
local firewall. On the other hand, bringing remote sites into a central
firewall seems to bring their traffic across an untrusted net (eg public
phone system) and into our network _behind_ the firewall. I can see
pros/cons on both sides, and would appreciate any experiences or
comments from the group on either option. Thanks in advance -
activate cloaking device .....
Ed Hepker
USA GROUP
Indianapolis, Indiana
ehepker @
usasmtp .
usagroup .
org
These comments do not represent or resemble any opinions currently or
previously held by USA GROUP (or anyone else, for that matter).
|
|
