From: Michael Sinatra (michael@rancid.berkeley.edu)
Date: Thu Nov 07 2002 - 14:52:50 PST
On Thu, 7 Nov 2002, Aron Roberts wrote:
> At 12:42 -0800 2002-11-07, Jennifer Gwirtz wrote:
> >I've heard rumors of a campus firewall effort that's been going on.
> >Does anyone know anything about this?
>
> The Web site for the campus Firewall Task Force is:
>
> http://fwtf.berkeley.edu/
>
> You might start by reading the task force's report, particularly
> the summary recommendations at:
>
> http://fwtf.berkeley.edu/fwtf_report/Recommendations.htm
>
> and the descriptions of the firewall design options favored in the
> above recommendations, as well as other, less-preferred alternatives,
> at:
>
> http://fwtf.berkeley.edu/fwtf_report/Appendix_A.htm
>
This is very good advice, but I think Eric C. is right, in that what
Jennifer really needs is some controls on her users, so that they aren't
inadvertently doing harm to her lab computers' configurations. Eric
recommends using a multi-user operating system like NT/2000/XP on the PC
side, and it would appear that OS X would do the same trick on the mac
side, no? Also, the ghosting/imaging recommendation is a very good one.
> The task of administering personal firewall software configurations
> can be time consuming, although central administration tools (if
> available) can ease this administrative burden, as the task force's
> report notes. In general, we've found that personal firewall
> software can be more complicated and labor intensive to configure and
> maintain over time than desktop anti-virus software.
Given the number of machines involved, a personal firewall is still the
best option if you really want a _firewall_. I believe we're only talking
about 3 macs and 2 PCs. Still, they might be quite labor-intensive, but
less so than any other _firewall_ option.
michael
------------------------------------------------------------------------
The following was automatically added to this message by the list server:
For information about Micronet, including subscribing to
or unsubscribing from its mailing list and finding out
about upcoming meetings, please visit the Micronet Web site:
<http://micronet.berkeley.edu/>.
This archive was generated by hypermail 2b29 : Thu Nov 07 2002 - 15:07:08 PST