On Fri, 26 May 2000 10:14:03 CDT, [EMAIL PROTECTED] said:
> A network server will still authenticate user requests. Only the host
> needs to be authenticated with the disk/disks.
Hmm.
Isn't this security model the cause of most grumbling regarding NFS security?
> If the larger network that is employing this technology doesn't hire a decent
> consultant, you might be right. If they do, it will ALWAYS be behind a firewall :-)
Double Hmm..
Odd.. I thought we had a clue about security. The guys at SANS just
gave us a 'Technology Leadership Award'. I just walked across the hallway,
and I didn't see any firewall in our router swamp.
I guess because we don't have a firewall, we don't have a clue. Or because
we don't have a firewall, we can't deploy this technology. Somehow, that
doesn't smell right.
> the server and storage devices could be in a VLAN or something to deny direct hack
> attempts against the storage device, but the chink in the armor is how hardened is
> your OS?
If your OS is hardened enough, a firewall may not be appropriate.
"New from Kellogs - Firewalls cereal - part of this *COMPLETE* and *BALANCED*
security breakfast".
--
Valdis Kletnieks
Operating Systems Analyst
Virginia Tech
