Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] Tarantella and FW-1

To: [email protected]
Subject: [FW1] Tarantella and FW-1
From: Orlando Goza <[email protected]>
Date: Mon, 18 Dec 2000 09:02:57 -0800 (PST)
Sender: [email protected]

Hello dear firewallers:

Has anybody had any experience with Tarantella
http://www.tarantella.com) and FW-1?

We are planning on installing a Tarantella server
for giving remote users web-based access to internal
applications.

Scenario:

FW 4.1 SP2 on NT 4.0, SP6a
3 NICs: Internal private LAN (NATTed), public DMZ,
public Internet segment

Possible options:

1) Place the Tarantella server on the internal LAN and
open up the ports required for access by remote users
from their browsers (web server port 80 and Tarantella
ASAD port 3144)at the firewall.

2) Place the Tarantella server on the DMZ and allow
inbound access to it from Internet, allow the
connections between the Tarantella server and the
internal application servers through the ports
required.

3) Purchase VPN module and set up access to the
internal Tarantella server through SecuRemote clients.


I ruled out option 1 because of the insecurity
associated with allowing direct inbound connections to
the internal LAN. I am in favor of option 3 because I
think it is the most secure one, but this solution is
not as immediate as my manager would want,as we don't
have a VPN module yet. Additionally, he also favors
option 2 for not requiring the installation of VPN
client software as option 3 does, a browser is all
that is required.

How do options 2 and 3 compare in terms of security?
what are the issues, risks involved with option 2?

I badly need your wise views to help me convince my
manager that option 3, although less immediate, is the
route we should go. 

I'm a newbie to the VPN stuff, so please excuse my
inexperience.

I'll also very much appreciate any tips, hints,
recommendations or any other ideas regarding the use
of a Tarantella server with FW-1.

Thank you so much in advance for your valuable help.

Orlando Goza


__________________________________________________
Do You Yahoo!?
Yahoo! Shopping - Thousands of Stores. Millions of Products.
http://shopping.yahoo.com/


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] License
Next by Date: Re: [FW1] Rule 0
Previous by thread: [FW1] License
Next by thread: Re: [FW1] Tarantella and FW-1
Index(es):
- Date
- Thread