Firewall Wizards mailing list archives
Re: Lotus Domino as an access control to internal network
From: Bart Smit <bart.smit () bowneglobal nl>
Date: Wed, 25 Feb 1998 14:02:16 +0100
Hi Delmer, On Mon, 23 Feb 1998 dharris () kcp com wrote:
I have been asked to help our internal e-mail team provide external access to internal e-mail. They want to use a Lotus Domino server connected to a set of dial-up access points. The Lotus Domino server would also connect to our internal network. The e-mail team claims that, because the NT box which supports the Lotus Domino server has no dial-up software loaded, the Lotus Domino server cannot be suborned into acting as a gateway to our internal network.
You don't explain what kind of "dial-up access points" you plan to use, so I'll assume that your setup will be equivalent to having one or more modems directly connected to the Notes server. In that case you'll use the Notes X.PC protocol. Notes controls the modems and handles all interaction with the clients. This setup could be secure enough for your needs: * At protocol level, your clients can only talk to the Notes server and nothing else. * The Notes server requires authentication. * When granted access to the server, clients will *only* have access at database level (subject to ACL's; review the defaults!), and not at file level. Notes authentication uses RSA's bsafe library. They don't say much about how it works, but it looks at least halfway decent. Clients need an ID file with their private and public keys to access the server. Users protect the ID file by locking it with a password, by keeping the file itself secure, or both (preferred). Personally I think you would be okay (provided it is set up correctly of course) but don't go for my word alone... regards, -- Bart Smit Phone: +31 71 5617670 System Administrator Fax: +31 71 5617484 e-mail: bart.smit () bowneglobal nl ----------------------------------------------------------------- Bowne Global Solutions (Netherlands) BV Papelaan 85 2252 EG VOORSCHOTEN The Netherlands -----------------------------------------------------------------
Current thread:
- Lotus Domino as an access control to internal network dharris (Feb 24)
- Re: Lotus Domino as an access control to internal network Aleph One (Feb 24)
- Re: Lotus Domino as an access control to internal network Roger Nebel (Feb 25)
- <Possible follow-ups>
- Re: Lotus Domino as an access control to internal network Bart Smit (Feb 25)
- Re: Lotus Domino as an access control to internal network chuck (Feb 27)
- Re: Lotus Domino as an access control to internal network Aleph One (Feb 28)
- Re: Lotus Domino as an access control to internal network chuck (Feb 27)
- Re: Lotus Domino as an access control to internal network Aleph One (Feb 24)