1) Since Cisco Internet Junction (CIJ) acts to isolate IPX from IP traffic,
there is a great deal of security even without a firewall.
2) IPX can still be attacked, but it is much more difficult.
3) The people who ARE using CIJ love it.
Now for some additional debate points:
Here is the network diagram (sorry, I am not good at drawing with ASCII)
remote net=IPX Internet (IP)
(---------------) ********************
]--Frame Relay WAN [CIJ Gateway]
] ]
(---------------------------------)
Home Office LAN=IPX
NOTE: The routers on the LAN/WAN at the home office are running IP to
talk to one another, but they are the only devices talking IP - all PCs,
servers, etc. are gabbing IPX.
QUESTIONS:
1) With the CIJ in place, is a firewall needed?
2) Where does it go, relative to the CIJ (I assume on the Internet side)?
3) What are the key vulnerabilities in this system?
4) If IP<->IPX isolation is so secure, does any Novell LAN admin need
to worry about firewalling their system?
Thanks for your responses, but since so much lively debate was started on
the first message, I thought it worth the time to keep it going.
--
Charles C Fry :-7
======================================================================
= Charles Fry Consulting == Helping Retail & Direct Marketing =
= New Albany, Ohio == Companies Harness Technology for =
= (614) 855-3925 == Greater Profit and Market Advantage =
= cfry @
CFConsulting .
com == http://www.CFConsulting.com =
======================================================================
|
|
