An IP address can be easily spoofed, so I'm not sure why people think that restricting to particular inbound IP addresses offers much protection. But even if it did, that's a single level: all or nothing. I doubt that most businesses would find all-or-nothing access to their entire collection of core enterprise data sufficient.
- - - - - Timothy Sipples IBM Consulting Enterprise Software Architect Specializing in Software Architectures Related to System z Based in Tokyo, Serving IBM Japan and IBM Asia-Pacific E-Mail: [EMAIL PROTECTED] ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html