Hello!
My company at the moment provides 4 Internet services through our
firewall: ftp, telnet, email and nntp (news). We believe we have
a sensible and protected setup.
At the same time users are screaming for WWW access. They have
seen the friendly interface, and have seen useful information.
And other companies are making information that my company uses
available through WWW.
The company basically puts up these requirements on the Internet
access:
- Nobody from the Internet - ie outside the firewall - should
be able to initiate any kind of action on the inside machines.
- When people from the company initiates actions through the
firewall, there should be no chance of unwanted actions hap-
pening on the inside machines. Ie if the user clicks to se
a pretty picture, nothing but the generation of that picture
should happen. No unwanted side effects, basically.
So - the bottom line is: If it isn't secure, it isn't worth it.
My fundamental question is how to implement WWW access to the
users and still maintain these requirements.
I can see several solutions, but I'm not sure yet how all of
them match the basic requirements:
- Don't give users access to WWW.
- Put up standalone machines at strategic places.
- Put up some sort of secured WWW access through specific
software on the users machines.
- Put up some sort of secured WWW access on the firewall only.
- Put up a standard WWW access mechanism altoghether.
We are not planning on setting up WWW pages, we just want our
users - potentially well over 5000 - to look at whats out there.
Regards,
Stein-Erik
---------------------------------------------
Stein-Erik Engbr}ten, Statoil, Norway
mail: Statoil SDATA BAS, Box 300,
N-4001 Stavanger, NORWAY
email: seen @
statoil .
no
---------------------------------------------
|
|
