Note: forwarded message attached. __________________________________________________ Do You Yahoo!? Yahoo! Mail - Free email you can access from anywhere! http://mail.yahoo.com/
The main objection is SR setup. When it works, it is as easy as you say, however; on peoples home PCs in can cause problems with all the other SW they have installed. It works pretty well on company owned laptops. SR also is hard to setup when used withj AOL 5. I've heard that AOL 6 will use the MS stack and work with SecuRemote. If we stick to using SR, than their is no need to allow lotus traffic from the Internet. THX, Pete Goodridge --- Warren Barrow <[EMAIL PROTECTED]> wrote: > > It's my personal opinion you should throw the > implementer and his crew out > of the project (and out of your office). SecuRemote > is definitely not hard > to set up; a monkey could click through the setup > options and define a site. > If you use securemote to get to the lotus server-- > that's alright. I highly > suggest you -NOT- allow any other traffic other than > SMTP from the internet > to that lotus server. It would be optimal to stick > an smtp relay in the DMZ > to forward the incoming mail to the lotus server. > The lotus server should > definitely sit on the internal network because it > contains too much > information to be in the DMZ. The relay in the DMZ > would greatly reduce the > risk of compromise since no one would be allowed to > connect to the internal > network. > > Why would you want to allow lotus traffic to the > server from the Internet? > > -Warren. > > -----Original Message----- > From: Peter Goodridge [mailto:[EMAIL PROTECTED]] > Sent: Friday, September 01, 2000 10:40 AM > To: firewall list > Subject: [FW1] Open Lotus Port inbound? > > > > We are installing Lotus Notes to replace our current > e-mail system. The people running the project want > allow employees to come though the firewall using a > browser and/or the lotus client without using > Securemote, etc. Their claim is that because it is > encrypted it's perfectly safe, and SR is too hard to > install. > > I can probably talk them out of of the web server > idea, but opening the lotus port inbound is going to > be a harder battle. I doubt they'll want to set up > a > server in the DMZ either. > > Could I get some input on how disingenuous, I'm mean > counter productive, I'm mean > contra-indicated....O.K. > how stupid this idea is? > > THX, > Pete Goodridge > > __________________________________________________ > Do You Yahoo!? > Yahoo! Mail - Free email you can access from > anywhere! > http://mail.yahoo.com/ > > > ============================================================================ > ==== > To unsubscribe from this mailing list, please > see the instructions at > > http://www.checkpoint.com/services/mailing.html > ============================================================================ > ==== > > > ================================================================================ > To unsubscribe from this mailing list, please > see the instructions at > > http://www.checkpoint.com/services/mailing.html > ================================================================================ __________________________________________________ Do You Yahoo!? Yahoo! Mail - Free email you can access from anywhere! http://mail.yahoo.com/
