Hi,
> Also, given the oddness of our network conditions, our solution is likely to
> differ from classical textbook cases: We have two Internet Services
> Providers, one of which maintains an ATM WAN, and a number of internal
> networks, one of which is completely separate and homed to the second ISP.
> In addition to this routing pretzel, we have researchers who create new
> protocols every month.
I would suggest that you divide you networks into different pieces. An
internal Office Net, a Testnet, a DEveloper Net. Secure those Nets with
firewalls or packet filters according to the security needs of the specific
net. Youhave to write down which information is allowed to be stored on
which host. Testhosts for example should never host Production-Sourcecode,
or never put Employee Data on anything outside of the secure internal net.
You simply cant ensure perimeter security if you that much links in a
changing environment.
Greetings
Bernd
--
(OO) -- Bernd_Eckenfels @
Wittumstrasse13 .
76646Bruchsal .
de --
( .. ) ecki @
{lina .
inka .
de,linux.de} http://home.pages.de/~eckes/
o--o *plush* 2048/A2C51749 eckes @
irc +4972573817 *plush*
(O____O) If privacy is outlawed only Outlaws have privacy
References:
|
|
