Eugene Siting!

Eugene Siting!

Post by Bahrs, Ar » Fri, 15 May 2009 02:33:29


Hi All J

Ok... this one is interesting... and cite Eugene V. as the
authority...



This is interesting to me as here the Courts rule that the Police
obtaining a warrant was nice but unnecessary and then the Court tells
the State "Improve the law so a Warrant will be needed!"



Art "InfoSec is more than just bits and bytes and nibbles" Bahrs



Art Bahrs, CISSP

Security Engineer

Providence Health & Services

(503) 216-2722





DISCLAIMER:
This message is intended for the sole use of the addressee, and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not the addressee you are hereby notified that you may not use, copy, disclose, or distribute to anyone the message or any information contained in the message. If you have received this message in error, please immediately advise the sender by reply email and delete this message.

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://www.yqcomputer.com/ *
 
 
 

1. OT: SITE site SITE site SITE site SITE site 0021275831620

2. Site-to-Site (-to-site-to-site-to-site-to-site)

SmallCo has just been purchased by BigCo

SmallCo has MO and BOs connected by ISA 2006 EE Site-to-Site VPNs. All sites
are connected to all other sites. Also uses MO ISA for VPN Clients.

BigCo stays "as far away from ISA as possible" (their words), because all
they know is Cisco. However, they will reluctantly let SmallCo keep using
ISA for MO and BO VPN endpoints, provided they all have connectivity to all
of BigCo's many subnets. Here's the diagram that's evolving:

4 SmallCo BO LANs
| | | |
4 SmallCo BO ISA VPN Endpoints
| | | |
Internet
| | | |
SmallCo MO ISA VPN Endpoint/VPN Server--Internet--VPN Clients
|
SmallCo MO LAN
|
Router
|
MPLS
|
Router
|
BigCo MO LAN Subnet--Outbound Internet Access for BC & SC
| | | | | | | | | | | | |
Many Routers
| | | | | | | | | | | | |
Many MPLSs
| | | | | | | | | | | | |
Many Routers
| | | | | | | | | | | | |
Many BigCo LAN Subnets

What I think I know of ISA tells me that SmallCo BOs and VPN Clients will
never see packets from BigCo because SmallCo BO ISAs will drop them as
spoofed.

If I (like it or not) disable spoof detection, will this diagram work?

Do I add BigCo address ranges to the MO VPN Networks at the BO ISAs? On the
Internal Network at the MO ISA?

Anything else it will take to make this design work?


--
Jeff Vandervoort
JRVsystems
http://www.yqcomputer.com/

3. Seeking Data Archiving (BACKUP) Suggestions (was: VAX/VMSsite) site)site) site)site) site)site)

4. [Eugene Gershnik] Any other solution?

5. Eugene McDonnell

6. password with PMdownloader? [Eugene Romanenko]

7. If Miers Is Not Confirmed should Bush Nominate Eugene?

8. Eugene Yi is out of the office.

9. Eugene on NRO

10. OT: Should Someone Nominate Eugene?

11. OT: If Miers Is Not Confirmed should Bush Nominate Eugene?

12. OT: Eugene Sighting

13. Eugene Oregon - no PHOENIX ARIZONA!

14. [Employment] New TurboGears Job in Eugene, OR

15. who knows Eugene Wang ?