-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday 09 October 2002 11:31, Chris Hylen wrote: > Security Pro's: > > A group of my programmers want to have a DSL connection put in their > testing area so they can simulate end user experience across the Internet. > I have concerns with this and am curious if anyone else has found a good > solution to provision their business requirement without putting the > network at risk. > > I know I haven't gone in to enough detail for an EXACT solution but > in general if anyone has any "tips" I'd appreciate it. Thanks!
Well, you're probably looking at one dedicated box that does NAT/firewalling and sits between the DSL and the rest of your network. All other boxes rely on this one box to secure them, so there's no pressing need for reconfiguration of the internal network. If you want to be 100% safe of course, you would disconnect the clients not needing internet access and physically connect only a few boxes to the one with the DSL line, thus putting a limited part of your network "at risk". See how that goes, and then you can make the big step and allow (regulated) internet traffic to flow through your entire network. - -A - -- http://www.andrew.cmu.edu/~apapadop/pub_key.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (GNU/Linux) iD8DBQE9pkr5gmAMwQt1gmURAtbqAJ9UVUAuMPLa8Pa6q7DnXOzm9epQbgCeN79F Y94jHKCEkTMz6S4eAjheiug= =LXa6 -----END PGP SIGNATURE-----
