Educause Security Discussion mailing list archives
Re: Vendor Server Access
From: Jeff Kell <jeff-kell () UTC EDU>
Date: Fri, 24 Sep 2010 12:19:43 -0400
On 9/24/2010 11:37 AM, Abreu, Jose A wrote:
We are in the process of setting up new guidelines on how vendors access our servers as well as application owners. Can you share any insight on how your institution is handling this?
We require the vendor to give us a static IP (or verifiable subnet) where they will be doing their remote support, and provide pinhole firewall exceptions for them to the designated server. This gives us flow logs, inspection, IPS/IDS, etc like any other traffic. In a few isolated cases we have done VPN, but our current VPN is not as "finely granular" as I would like for vendor access cases. Jeff
Current thread:
- Vendor Server Access Abreu, Jose A (Sep 24)
- Re: Vendor Server Access Julian Y. Koh (Sep 24)
- Re: Vendor Server Access Alex Keller (Sep 24)
- Re: Vendor Server Access Greene, Chip (Sep 24)
- Re: Vendor Server Access Jeff Kell (Sep 24)
- Re: Vendor Server Access Bradley, Stephen W. Mr. (Sep 26)
- Re: Vendor Server Access Hugh Burley (Sep 24)