OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
NFR Wizards Archive: Re: Say it ain't so

Re: Say it ain't so

jimcoltano.stortek.com
Thu, 18 Sep 1997 15:20:45 -0600 (MDT)

Jim -

It ain't so.

There should be no reason to change ip addresses on all the stuff currently
in the network. UNLESS thier plan is to abandon your current IP address
space in favor of one of the private network numbers and do NAT on the
firewall. And even then you do not have to change the internal addresses.

Sounds like scope creep on the part of the installation team to me.

Now you may still have to touch every machine to change some things if they
have decided to use socksified processes like telnet, ftp and such. have
to replace client apps. Also would need to touch every copy of web browsers
to set up proxying.

>From owner-firewall-wizardsnfr.net Thu Sep 18 15:14 MDT 1997
>From: "Jim Leo" <ADMINeverett.pitt.cc.nc.us>
>To: firewall-wizardsnfr.net
>Date: Wed, 17 Sep 1997 12:43:27 EST5EDT
>Subject: Say it ain't so
>
>Hi All,
> I've got a meeting with our Firewall Installers on the 29th. Got
>pulled into as a result of 'centralizing' our computer/technology
>staff and creation of a helpdesk. The upshot is this. We have been
>apprised by one of the staff (Originally selected
>installation/Firewall) and was told that every device behind the
>firewall would have to 'be touched' for anything to work. It almost
>sounds like a complete rework of the network setup/standard. We were
>told that all IP addresses would have to be changed. Somehow I get
>the impression that this is the installers idea, and I'm not quite
>willing to by into it. I feel that it should be possible to 'plug-in'
>any properly configured firewall (with the exception of the proxies)
>and not have to reconfigure machines.
> Am I wrong?
>Jim Leo
>admineverett.pitt.cc.nc.us
>
>
>
>

This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:08:57 CDT