![[first slide]](../icons/info.gif){kind=icon}
|
Effective solution (1/2) | ![[previous slide]](../icons/prev.gif){kind=icon}
|
![[next slide]](../icons/next.gif){kind=icon}
|
|
The solution they choose :
The trainee doesn't need access to the mail server
Put server in a subnet, and set up IP filtering to control access to the mail servers
The subcontractor needed access to only 6 WNT servers to perform his job
Set up IP filtering in network routers to allow only
traffic to required servers
Employees didn't need access to the others subsidiaries web servers
Create a DMZ in each subsidiary for servers accessible to the
whole company, set up IP filtering to block unwanted traffic, and
configure the existing corporate HTTP proxy cache server to allow
access to on a case by case basis after user authentication
Nobody needed to be able to connect from there
to the database server
Set up IP filtering between the corporate network and the
sensitive database servers
The cooperative partner should not have access to
that part of the database
Buy new servers, create accounts for cooperative partner
on these servers only, create a VLAN for these servers and set up
IP filtering on the corporate network
® © Hervé Schauer Consultants December 1999 -
142, rue de Rivoli -
F-75001 Paris -
France Phone: +33 141 409 700 - Fax: +33 141 409 709 - Email: <secretariat@hsc.fr> |
- Page 7 - |