Re: iSeries vs. Unix vs. SQL Server vs. Oracle &Security/Datase paration??? -- MIDRANGE-L

Well, it sort of matters exactly how much it segments everything.  Is it a
situation where you can delegate the type of traffic that passes between
both partitions?  If one LPAR gets compromised, can they low level attack
the system to get to the data?  If they DOS the web application and its
LIAR, does it affect the DB abd app LPAR?
----- Original Message ----- 
From: <rob@xxxxxxxxx>
To: "Midrange Systems Technical Discussion" <midrange-l@xxxxxxxxxxxx>
Sent: Monday, August 04, 2003 3:24 PM
Subject: RE: iSeries vs. Unix vs. SQL Server vs. Oracle & Security/Datase
paration???


> LPAR?
>
> Rob Berendt
> -- 
> "They that can give up essential liberty to obtain a little temporary
> safety deserve neither liberty nor safety."
> Benjamin Franklin
>
>
>
>
>
> McIntyre Don <dnmcin@xxxxxxxxx>
> Sent by: midrange-l-bounces@xxxxxxxxxxxx
> 08/04/2003 02:20 PM
> Please respond to Midrange Systems Technical Discussion
>
>         To:     Midrange Systems Technical Discussion
> <midrange-l@xxxxxxxxxxxx>
>         cc:
>         Fax to:
>         Subject:        RE: iSeries vs. Unix vs. SQL Server vs. Oracle &
> Security/Data se        paration???
>
>
> --- "DeLong, Eric" <EDeLong@xxxxxxxxxxxxxxx> wrote:
> > Don,
> >
> > I expect the the recommendations are, generally,
> > what is considered best
> > practice.  It's generally unsafe to expose your
> > critical databases (and
> > servers) to the public directly.
>
> I understand the concept and reasoning behind this.
>
> This practice moots the 1 iSeries Server argument.
> 'Now I HAVE to have more than one Server to provide
> proper security'.  And it doesn't matter if the
> deployment server is iSeries (according to the
> 'Experts')
>
> Now what I believe and reality may not be the same in
> this case, but here goes...IBM touts the iSeries as
> the most secure or securable server on the Market.
> The concept of DMZ, Data separation is a necessity
> when using PC Servers, and that this concept and
> practice is widely used by PC administrators in order
> to secure their vulnerable PC platforms.  They have no
> other way.  They don't have an Object based system or
> built in security, as the iSeries.
>
> The problem is that if I go to 1 Server as most
> respondents in this lists suggest, then I'm going
> against the IBM recommendation and I do so at my own
> security risk.
>
> I know that nothing is 100% secure, but instead of the
> separation, I would like to be advised on how to make
> my System secure using one server, as everyone here is
> advocating.  And I would also like for IBM to
> recognize 1 Server as being a viable option.
>
> Don McIntyre
>
>
>
>
> __________________________________
> Do you Yahoo!?
> Yahoo! SiteBuilder - Free, easy-to-use web site design software
> http://sitebuilder.yahoo.com
> _______________________________________________
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
> list
> To post a message email: MIDRANGE-L@xxxxxxxxxxxx
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-request@xxxxxxxxxxxx
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.
>
>
> _______________________________________________
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
> To post a message email: MIDRANGE-L@xxxxxxxxxxxx
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-request@xxxxxxxxxxxx
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.