|
I see it coming too, however all the officers of the division here have delt enough with that, the battle is from the top-down here sort-to speak. Not that corp is bad, they just got too big, too fast, and are not organized very well - it takes weeks to get a new user set-up, and the last time we had to deal with their help desk took nearly a week to resolve an issue that if the issue would have been all in-house, would have taken us 10 minutes to fix. We will win this battle. I do already have ftp exit points and such, as we currently do some external things over the internet (but locked down very tightly) The iSeries is such a cool machine! Thanks for more info, and glad to hear others do/can do what we are doing. -----Original Message----- From: midrange-l-admin@midrange.com [mailto:midrange-l-admin@midrange.com]On Behalf Of rob@dekko.com Sent: Wednesday, April 17, 2002 9:21 AM To: midrange-l@midrange.com Subject: Re: AS/400 on two IP schemes This is a multipart message in MIME format. -- [ Picked text/plain from multipart/alternative ] You have been assimilated. Resistance is futile. You could fight this battle, but what may come next is that they want the ability to create a central help desk. And then they will be using software to access your PC's to assist the users. Then, they will audit your software to see if you are in compliance, etc. But if you insist on fighting this battle until the very day they kick your a$$ out the door you can put a firewall between you and them. That firewall would restrict FTP from one address, or a range of addresses on their end to only your 400 address. Then with the appropriate exit points you can secure what operations, and where, they can access data on your 400. This is what we do for our customers. For exit point security: http://faq.midrange.com/data/cache/198.html Rob Berendt -- "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." Benjamin Franklin "Mark A. Manske" <mmanske@minter-weisman.com> Sent by: midrange-l-admin@midrange.com 04/17/2002 08:56 AM Please respond to midrange-l To: "MIDRANGE-L \(E-mail\)" <MIDRANGE-L@midrange.com> cc: Fax to: Subject: AS/400 on two IP schemes Hello IP wizards and security gurus; I looked over the archives, but did not see what I was looking for - We have our AS/400, and all related devices set-up to a certain IP scheme, we have been sold, and corporate wants now to place our AS/400 on their WAN, my issue is I do not want them to see anything else, and even on the AS/400 I only want to give that nic card access to one library, and absolutely nothing else. Can anyone assist me where to look as to how to set-up something like this (which books do I need to read) And can I lock it down this tight? TIA Mark A. Manske Fleming CSD - Plymouth Division Sr. Project Lead Phone (763) 545-3700 extension 273 Web Site http://www.minter-weisman.com E-Mail mailto:mmanske@minter-weisman.com _______________________________________________ This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@midrange.com To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l or email: MIDRANGE-L-request@midrange.com Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l. _______________________________________________ This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@midrange.com To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l or email: MIDRANGE-L-request@midrange.com Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.