Firewall Configurations - PowerPoint PPT Presentation

1 / 9
About This Presentation
Title:

Firewall Configurations

Description:

Most have no firewalling between gatekeeper and resources (gatekeeper on resources!) Firewalling/security between gatekeeper and resources likely to increase ... – PowerPoint PPT presentation

Number of Views:22
Avg rating:3.0/5.0
Slides: 10
Provided by: jonhi
Category:

less

Transcript and Presenter's Notes

Title: Firewall Configurations


1
Firewall Configurations
  • Responses from the ETF
  • (the names have been changed to protect the
    innocent..)

2
Questions
  • Where are gatekeepers w.r.t the firewall(s)?
  • Where would you be happy with a firewall?
  • Firewalls between resources and gatekeepers?
    Local access to gatekeepers trusted more?
  • Client or server connections?
  • Can make quick changes to the firewall?
  • Would be selective in allowing access through the
    firewall?

3
Responses Current F/W status
  • Some sites with NO firewall at all
  • Most sites have a site firewall (hardware)
  • Some sites have different security domains
  • Some sites run software firewalls in addition to
    site-wide firewalls
  • Most sites expect firewall to become more
    restrictive in the future

4
Responses 2 Ideal F/W Position
  • Most not happy with software firewall on the
    gatekeeper
  • Most encourage use of personal firewalls
  • Some happy with gatekeeper outside of firewall,
    resources inside
  • Any firewall affecting the gatekeeper must be fast

5
Responses 3Resources
  • Most have no firewalling between gatekeeper and
    resources (gatekeeper on resources!)
  • Firewalling/security between gatekeeper and
    resources likely to increase
  • Local users avoid site firewall

6
Responses 4 Client/Server
  • Most expect client and server access to their
    gatekeeper
  • Some would prefer access based on certificate
    possession rather than IP address

7
Responses 5 Speed of Firewall Changes
  • Site (hardware) firewalls difficult to make
    changes to quickly (less than 24 hours)
  • Software firewalls can be changed more quickly

8
Responses 6 Access to all
  • Selective access preferable
  • Most prefer to be able to offer access through
    firewalls to small groups project members, VOs
    etc.
  • Access to some resources for all, with access to
    specific resource limited to collaborators etc.

9
Impossible?
A Single Solution
  • Perhaps
Write a Comment
User Comments (0)
About PowerShow.com