A repost ...
Cordially,
Leslie A. Clark
IBM Global Services - Systems Mgmt & Networking
Detroit
"Simon Long" <simonlong@synergy.com.au>@tkg.com on 09/27/2000 12:57:50 AM
Please respond to IBM NetView Discussion <nv-l@tkg.com>
Sent by: owner-nv-l@tkg.com
To: IBM NetView Discussion <nv-l@tkg.com>
cc:
Subject: Re: [NV-L] Firewalls
Hi Chaz,
I will add my input to the overall information that you will probably get
in
response to your
query.
Hopefully some of what I say may be of use to you.\
Cheers,
Simon Long
"Vidal, Chaz" <chaz.vidal@eds.com> on 09/27/2000 01:19:46 PM
Please respond to IBM NetView Discussion <nv-l@tkg.com>
To: "IBM NetView Discussion (E-mail)" <nv-l@tkg.com>
cc: (bcc: Simon Long/Syd/Synergy)
Subject: [NV-L] Firewalls
> Hi All,
> I tried searching the archive but I haven't been able to see answers to
my
> questions. Anyway, here goes :
> We are trying to implement Netview on a customer site through 2
firewalls.
> Mainly, we want to manage from our site A --> Firewall <----------->
> Firewall <----> customer Site. We plan to situate our Netview server in
the
> customer site and provide client access to our operators in site A.
> 1. Can Netview handle back to back firewalls?
I should just come down to IP connectivity. If you can ping it and if
there
are
no ip filters preventing you you should be able to achieve your aim. But
as
regards the management of the Firewalls themselves - this is trickier.
> 2. What ports need to be opened up to allow clients access a Netview
server
Probably I would just grab a copy of the Release Notes which contain the
port use and complement the detail you get there with something like
"netstat
-na" from the
client and "lsof" ( for correlating daemons to ports ) - let me know if
you
don't understand what I mean.
> 3. Do you think it would be better to allow just console (xwindows)
access
> to the netview server instead of netview clients?
It would probably come down to a strict analysis of:-
1. How many filter inclusions you need to make ( more for a standard
client
connection )
2. What the relative bandwidth utilisation is ( from memory the
xwindows
approach
would be heavier ).
3. The perception of exposure inherent to utilisation of unprotected X
traffic.
> I hope y'all can help me out here because there isnt too much
documentation
> out there on Netview and firewalls.
> Thanks for any help,
> Chaz Vidal
> EDS Australia
_________________________________________________________________________
NV-L List information and Archives: http://www.tkg.com/nv-l
___________________________________________________
Simon Long
Synergy Plus Pty Ltd
Sydney
5/18-20 Orion Road, Lane Cove, NSW 2066
(Switch: ) +61 2 9425 3000 (Fax: ) +61 2 9437 5297
(Direct: ) +61 2 9438 4385 (Mobile: )0419 481 153
WebSite: www.synergy.com.au
This email and any attachments are confidential. If you are not the
intended recipient please inform
us as soon as possible and do not use, disclose, copy or distribute
this
information.
_________________________________________________________________________
NV-L List information and Archives: http://www.tkg.com/nv-l
|