Hi,
My company has an ever growing corporate network (at last count with over
500 subnets), now going through a growth phase reaching out to our many
international sites. Currently we run a single internet gateway located at
our Australian head office, however we are under some pressure by
international staff (notably those in Nth America :) to either move the
gateway or to put in other points of entry to the Internet.
Several issues come to mind:
- how hard is it to engineer this?? Our routed network runs EIGRP. Would
we need to internally partition using say BGP to effectively handle
routing?
- I maintain iron fist, ie benevolent dictator, control over my firewall
which satisfies our requirements for control and auditing. If other
holes are punched through, what are the experiences of admins on this
list running a distributed set of internet entry points ?? (I'd
conjecture pretty ugly :)
- there are lots of other big companies (with big global networks)
represented on this list (we've seen those postings people !! ... ). Do
you run single Internet gateways, or several. Sun, SGI, DEC, ATT ..... I'd
*luv* to know what is the practice of global corporates in this minefield
of policy.
If I get enough responses I'll happily summarise for the list as I'd hope
there would be some interest in this.
Cheers,
Ian
Ian Hoyle, Senior Consultant |"Now I've got the bead on you with MY
BHP Information Technology | disintegrating gun. And when it disintegrates,
600 Bourke St | brother it disintegrates. (pulls trigger)
Melbourne VIC 3000, AUSTRALIA | Well, what do you know, it disintegrated."
Phone : +61-3-9609-3375 | -- Duck Dodgers in the 24 1/2 century
E-mail: ianh @
itmel .
bhp .
com .
au |
|
|
