Your security policy should answer this question..
But, I personally would say "no", or find another way.
Put it outside A's firewall, or add another firewall
between between A's LAN and the machine. This machine
is owned by A? B should not be able to put software
on A's machine. Port 80 is a risk. Admin login left
open is a risk. B's people having admin on A's
machine is a risk.
Sounds like a nightmare, unless of course A trusts B,
or I have missed something.
acs
--- Brian Steele <[EMAIL PROTECTED]> wrote:
> Not really a firewall issue - more of a security
> issue, but as there are a
> few security experts on the list..:-)
>
> Situation: Company consisting of two independently
> operating business units,
> let's say A and B. The operations of each unit is
> governed by its own
> internal security procedures, A's being more
> stringent than B's. The two
> business units are connected via a WAN.
>
> B want to install a software package in A's LAN to
> meet a "critical business
> requirement". However:
>
> 1. pcAnywhere has to be installed on the server
> running the
> package to allow staff from B to remote
> control the
> server (a Windows NT4 box, btw) when it's
> installed on
> A's LAN.
>
> 2. The software on the server will be
> interfacing with a critical
> system on A's LAN. And also with Internet
> users (via a
> firewall - port 80 only).
>
> 3. The software requires that the Administrator
> account be
> left logged on on the server's console.
>
> 4. The password for remote access via pcAnywhere
> (and
> thus the Administrator password) will be
> known to several
> persons in B.
>
> Now, if you were the sysadmin for A's LAN, would you
> consider this
> arrangement secure enough for internal business use?
> If not, are there any
> steps that you'd take to minimize the risk to your
> LAN? Or would you be
> raising the strongest protests to ensure such a
> system is not deployed on
> your LAN because of the security threat that it
> poses?
>
> Regards,
> Brian
>
>
> -
> [To unsubscribe, send mail to
> [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
__________________________________________________
Do You Yahoo!?
Yahoo! Auctions - buy the things you want at great prices
http://auctions.yahoo.com/
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
