Actually, this is secure, but it is not any less secure than MCI for
instance. At a customer site, we have a connection to MCI and it is
advertised as a class C address from MCI as part of the MCI.COM domain.
The only difference we noticed when we researched this type of service
was performance. With MCI we get full T-1 to the MCI Internet POP,
whereas you may only get full T-1 to the ISP and then compete with
everyone else for part of the bandwidth to the internet.
On Mon, 2 Jun 1997, Mariko Yashada wrote:
> Date: Mon, 02 Jun 97 11:37:15 PDT
> From: Mariko Yashada <mariko @
> To: Firewalls Mailing List <firewalls @
> Subject: ISP Connection
> My company is currently getting Internet access through a local ISP, using
> PPP connections. We are now considering replacing the dial-up connections
> with a leased line to the ISP. We will leave our web server at the ISP and
> will continue to use their e-mail server. There will be a router at the ISP
> end of the line. The line will connect to our Enterprise Network through a
> router at our end. We will also put a proxy server at our end to filter out
> going access and do NAT.
> The ISP people say this type of connection is more secure than a direct
> connection to the Internet through say MCI, becuase our router will be
> "hidden" behind their routing system. The IP address of our router will not
> be accessable from outside the ISP domain.
> We will not allow incomming connections such as telnet or ftp. We will
> restrict access from inside the company to e-mail, http, ftp and probably
> My question is, how secure is this type of connection? How difficult is it
> for someone outside the ISP domain to discover and access our connection?
E-mail: svl @
21NET Phone: (719) 554-9833
Voice Mail: (719) 630-0100 x206
A radioactive cat has eighteen half-lives!