This is my question, also:

| My question is whether [router] <==> [firewall] <==> [400 http server
| configuration] <==> [application level security] <==> [object level
| authority] is sufficient?  It seems to me that such a
| configuration already
| provides 5 layers of protection?


Given the sophistication of hackers, I'm doubtful.  But I don't know the
facts, sufficiently.




| -----Original Message-----
| From: midrange-l-admin@midrange.com
| [mailto:midrange-l-admin@midrange.com]On Behalf Of Nathan M. Andelin
| Sent: Saturday, December 15, 2001 10:14 PM
| To: midrange-l@midrange.com
| Subject: Re: Where are all of the /400's going.
|
|
| From: "Joe Pluta" <joepluta@PlutaBrothers.com>
|
| > If you read the thread, I carefully separated data
| > into two categories: secured and unsecured.  This
| > is a real and vital differentiation.
|
| My idea of data is what you put in a database, records and fields.  In my
| experience, the amount of data used for marketing and public awareness is
| minimal.  Are you thinking otherwise?  Or would you agree that there is a
| desire to protect the vast majority of data?
|
| > Unless you have lots of extra processing power,
| > there's really no reason to serve static web pages from
| > your mission critical machine.
|
| I agree that CPU is priced at a premimum on the 400.  On the other hand,
| take into account opperational efficiencies.  Web applications and static
| pages often share common graphics, style sheets, and other types of files.
| It's easier to manage that on a single server as opposed to dividing it
| between two servers.
|
| The management argument works both ways.  I've listened to IIS / FrontPage
| Webmasters argue to deploy Web applications on an Intel server
| for the same
| reason.  Maybe they simply don't know the 400, and don't want to
| learn about
| it.  Maybe the Webmaster resists having to ask for authorization to set up
| directories in the IFS.  Just another hassle, in his mind.
|
| Once you divide data and applications across platforms, watch the
| political
| turf wars erupt.
|
| > Mission critical data should reside on a machine
| > that is only accessed through encapsulated server requests
| > from trusted sources.  A middle tier should provide
| > connectivity to the Internet.
|
| My question is whether [router] <==> [firewall] <==> [400 http server
| configuration] <==> [application level security] <==> [object level
| authority] is sufficient?  It seems to me that such a
| configuration already
| provides 5 layers of protection?
|
| Nathan M. Andelin
| www.relational-data.com
|
|
| _______________________________________________
| This is the Midrange Systems Technical Discussion (MIDRANGE-L)
| mailing list
| To post a message email: MIDRANGE-L@midrange.com
| To subscribe, unsubscribe, or change list options,
| visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l
| or email: MIDRANGE-L-request@midrange.com
| Before posting, please take a moment to review the archives
| at http://archive.midrange.com/midrange-l.
|



As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.