Don, Here's the info you need.
One rule Src: Legato Server Dst: DMZ Devices Service: TCP port range 10,001 - 30,000, TCP port range 7937 - 9336, TCP 111 Second rule Src. DMZ Devices Dst: Legato Server Service: TCP port range 10,001 - 30,000, TCP port range 7937 - 9336, TCP 111 Should take care of your problem... -Mike ----- Original Message ----- From: "Don Milnes" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, January 25, 2002 1:37 PM Subject: Re: [FW-1] Legato through Firewall > The boxes in question are in a DMZ - but still separate from the zone with > the Legato server. Your point about dropping Legato is well taken. They have > been one of the most consistently difficult companies to deal with for > support and information I have ever used for an enterprise project. But > that's another mailing list.... > > -----Original Message----- > From: Mailing list for discussion of Firewall-1 > [mailto:[EMAIL PROTECTED]]On Behalf Of > [EMAIL PROTECTED] > Sent: Friday, January 25, 2002 12:48 PM > To: [EMAIL PROTECTED] > Subject: Re: [FW-1] Legato through Firewall > > > We addressed this as a design problem - you should not have anything > outside the Firewall you need to backup. It is quicker to rebuild a box > which has been damaged via hardware failure of maliciously than it is to > restore it. If your selling on-line then the speed of your site while you > are backing-up trough the Firewall will annoy your customers. etc. > On the other hand you could always drop Legato as we have just done > corporate wide :-) > Paul > -------------------------------------------------------------------------- -- > ---------------- > > C. Paul Simons > Corporate IT Security Architect > IHS Energy Group, Englewood, CO. > > > > > [EMAIL PROTECTED] > Sent by: Mailing list for discussion To: > [EMAIL PROTECTED] > of Firewall-1 cc: > <[EMAIL PROTECTED] Subject: > Re: [FW-1] Legato through Firewall > point.com> > > > 25-01-02 06:21 > Please respond to Mailing list for > discussion of Firewall-1 > > > > > > > Don Milnes <[EMAIL PROTECTED]> wrote: > > >Is anyone backing up clients with Legato through a Checkpoint Firewall? A > >quick attempt here has not worked. > >Don > > As in earlier posts said, you've to open quite a lot of ports, which means > Legato's running however security is leaking. IMHO, people should use EMC > EDM or contact Legato and force them to add security to their product. > Eventually Legato can be secured and used securely. > > Regards, > --me > > > > >================================================= > >To set vacation, Out Of Office, or away messages, > >send an email to [EMAIL PROTECTED] > >in the BODY of the email add: > >set fw-1-mailinglist nomail > >================================================= > >To unsubscribe from this mailing list, > >please see the instructions at > >http://www.checkpoint.com/services/mailing.html > >================================================= > >If you have any questions on how to change your > >subscription options, email > >[EMAIL PROTECTED] > >================================================= > > > -- > > > > > __________________________________________________________________ > Your favorite stores, helpful shopping tools and great gift ideas. > Experience the convenience of buying online with Shop@Netscape! > http://shopnow.netscape.com/ > > Get your own FREE, personal Netscape Mail account today at > http://webmail.netscape.com/ > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
