> >Any of you hot shot vendors ...
> > ... doing any work to include
> >LDAP enterprise directory access in firewalls?
>
> V-one is doing some stuff with LDAP ...
What I had in mind was to try to get an idea of what would be involved
in a migration strategy to move from fragmented directory services on
different platforms to an enterprise directory that included firewalls
as follows:
Banyan Vines   }     LDAP
Novell Netware }    access        Packet    Proxy   Choke
Lotus Notes    }--enterprise--|--filtering--fire--filtering--|--Internet
Assorted Unix's}  directory   |   router    wall    router   |
Windows NT     }              |                              |
                           Packet                        External
                          filtering                      hardened
                           router                       DNS server
                              |
                      Packet filtering--Corporate
                          firewall      Intranet
This is essentially a split DNS to hide the corporate network. The
external DNS would provide minimal DNS information on a skeletonized
Unix box, while the internal LDAP access enterprise directory would
provide directory information for everything.
^ ^
|
|