We're having an issue at our Data Centre, where by our customer Internet facing Terminal Servers are under attack on a more frequent and sustained basis. We have selectively been blocking the offending public addresses. However as you can imagine, this exclusion list will only continue to grow and become unmanageable.
As of yet we do not have any ACL's in place that identify the our/customer traffic from non-customer traffic - which is pretty much the root cause of this issue. It is like this for a couple of reasons: 1. Some of our customer users have the ability to connect to these servers from their homes (i.e. access out with their parent company LAN) where their broadband connection would potentially have a dynamic IP address. 2. From our own perspective, if we were to lock down access to these servers by IP addresses, then we ourselves become at risk (in terms of not being able to provide customer support, especially since we have some pretty rigid SLA's in place). If the VPN to our Data Centre goes down, we would have to send people home to continue working. Therefore we have the same issue(s) as outlined in point 1. Above. Therefore I would be interested to know how other people are handling the same/similar situations and any recommendations you may have? Regards, Rab. ============================================================= Robert Jackson Phone: +44 (0) 141 332 7999 IT Manager Fax: +44 (0) 141 331 2820 Walker Martyn Ltd 1 Park Circus Place Email: r...@walkermartyn.co.uk <mailto:r...@walkermartyn.co.uk> Glasgow G3 6AH, Scotland Web: http://www.walkermartyn.co.uk <http://www.walkermartyn.co.uk/> ============================================================= ************************************************************************ The information in this internet E-mail is confidential and is intended solely for the addressee. Access, copying or re-use of information in it by anyone else is unauthorised. Any views or opinions presented are solely those of the author and do not necessarily represent those of Walker Martyn Ltd or any of its affiliates. If you are not the intended recipient please contact administra...@walkermartyn.co.uk Walker Martyn Ltd, company number SC197533. Company is registered in Scotland and has its registered office at 1 Park Circus Place, Glasgow G3 6AH, UK. **************************************************************** ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
