nv-l
[Top] [All Lists]

Re: Firewalls

To: nv-l@lists.tivoli.com
Subject: Re: Firewalls
From: "Leslie Clark/Southfield/IBM" <lclark@us.ibm.com>
Date: Wed, 1 Nov 2000 08:55:45 -0500
A repost ...

Cordially,

Leslie A. Clark
IBM Global Services - Systems Mgmt & Networking
Detroit


"Simon Long" <simonlong@synergy.com.au>@tkg.com on 09/27/2000 12:57:50 AM

Please respond to IBM NetView Discussion <nv-l@tkg.com>

Sent by:  owner-nv-l@tkg.com


To:   IBM NetView Discussion <nv-l@tkg.com>
cc:
Subject:  Re: [NV-L] Firewalls






Hi Chaz,

I will add my input to the overall information that you will probably get
in
response to your
query.

Hopefully some of what I say may be of use to you.\

Cheers,

Simon Long




"Vidal, Chaz" <chaz.vidal@eds.com> on 09/27/2000 01:19:46 PM

Please respond to IBM NetView Discussion <nv-l@tkg.com>

To:   "IBM NetView Discussion (E-mail)" <nv-l@tkg.com>
cc:    (bcc: Simon Long/Syd/Synergy)

Subject:  [NV-L] Firewalls




> Hi All,

> I tried searching the archive but I haven't been able to see answers to
my
> questions.  Anyway, here goes :

> We are trying to implement Netview on a customer site through 2
firewalls.
> Mainly, we want to manage from our site A --> Firewall <----------->
> Firewall <----> customer Site.  We plan to situate our Netview server in
the
> customer site and provide client access to our operators in site A.

> 1.  Can Netview handle back to back firewalls?

 I should just come down to IP connectivity.  If you can ping it and if
there
are
 no ip filters preventing you you should be able to achieve your aim.  But
as
 regards the management of the Firewalls themselves - this is trickier.

> 2.  What ports need to be opened up to allow clients access a Netview
server

Probably I would just grab a copy of the Release Notes which contain the
port use and complement the detail you get there with something like
"netstat
-na" from the
client and "lsof" ( for correlating daemons to ports )  - let me know if
you
don't understand what I mean.

> 3.  Do you think it would be better to allow just console (xwindows)
access
> to the netview server instead of netview clients?

It would probably come down to a strict analysis of:-
     1. How many filter inclusions you need to make ( more for a standard
client
connection )
     2. What the relative bandwidth utilisation is ( from memory the
xwindows
approach
        would be heavier ).
     3. The perception of exposure inherent to utilisation of unprotected X
traffic.

> I hope y'all can help me out here because there isnt too much
documentation
> out there on Netview and firewalls.


> Thanks for any help,
> Chaz Vidal
> EDS Australia
_________________________________________________________________________
NV-L List information and Archives: http://www.tkg.com/nv-l





      ___________________________________________________
      Simon Long
      Synergy Plus Pty Ltd
      Sydney
      5/18-20 Orion Road, Lane Cove, NSW 2066
      (Switch: ) +61 2 9425 3000   (Fax: ) +61 2 9437 5297
      (Direct: ) +61 2 9438 4385   (Mobile: )0419 481 153
      WebSite:  www.synergy.com.au


      This email and any attachments are confidential.  If you are not the
      intended recipient please inform
      us as soon as possible and do not use, disclose, copy or distribute
this
      information.


_________________________________________________________________________
NV-L List information and Archives: http://www.tkg.com/nv-l


<Prev in Thread] Current Thread [Next in Thread>
  • Re: Firewalls, Leslie Clark/Southfield/IBM <=

Archive operated by Skills 1st Ltd

See also: The NetView Web