Hi list,
I'm facing a little problem in that I have to backup some nodes wich are in a
DMZ, and that our security officier that untill now allowed us to open a port
dedicated to client-to-TSM server communication, now refuses what he considers
as a "security hole".
I searched the archives to find a way solving this problem , and found that
mail : http://msgs.adsm.org/cgi-bin/get/adsm0304/292.html, where Joseph Zlatko
tells :
> Improved firewall security without client-initiated sessions As in any other
> software after tons of functionality the time come to security improvement.
> Unfortunately only DMZ vulnerability is mitigated but how to deal with
> non-servers and especially mobile users is still open.
I tried to find some documents about that non-client initiated session feature,
without success. Could anybody point me to a link or give me some further
information about it, as it could be a solution for me : a firewall port could
possibly be opened, but only if communication is initiated from server...
Thanks in advance !
Arnaud
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
| Arnaud Brion, Panalpina Management Ltd., IT Group |
| Viaduktstrasse 42, P.O. Box, 4002 Basel - Switzerland |
| Phone: +41 61 226 19 78 / Fax: +41 61 226 17 01 |
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
|