RE: [FW1] user access

["Vanderbur, Christine" <christine.vanderbur@acs.stel.com>]

Ho Bob!
Depends on the FW intention but my most companies/organizations use 
2.  default access of "no access" and specific enabled hosts and
services.

It is more secure and easier to (FYI - my husband works for a security
company 
that does intrusion detection and he agrees!)

-----Original Message-----
From: Bob Reilly [mailto:breil1@home.com]
Sent: Monday, October 11, 1999 5:08 PM
To: fw-1-mailinglist@lists.us.checkpoint.com
Subject: [FW1] user access



Hi-

sorry to bother you, but i would appreciate it greatly if you would
reply
with
your input.

i have a client who is developing an internet client server application
and,
in my experience, most firewalls/proxy servers are setup with the
internal
users having the default of access to "any" host using "any" service,
and
then the admin might restrict some services, such as icq, pointcast,
irc,
whatever.

would you tell me your experience, just with a rough percentage for
either:

1.  unlimited default  access with specific restrictions

2.  default access of "no access" and specific enabled hosts and
services.

thanks in advance

bob reilly
director
transnational consulting
pleasant hill, ca







========================================================================
========
     To unsubscribe from this mailing list, please see the instructions
at
               http://www.checkpoint.com/services/mailing.html
========================================================================
========


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================