With the PIX, if you have a DMZ interface, you could put your webserver in the DMZ with a private address (192.168.X.X), and you would use the "alias" command to map the public address of the server that is in DNS to the actual private address on the server.
This would allow you to hit your webserver by name from inside your network.
If you do not have a DMZ interface, you can NOT use the "alias" command to map the public IP to the internal private IP as the PIX does not support IP redirection.
"If I laid out a serious amount of money to establish COs and copper to (nearly) every house in the United States, I'd be a little pissed at the government for making me open it up to people who are offering competing services.
Technically, the Bells really should be able to lay down the law when it comes to who access their cables. I mean, it's their cables."
If the Bells financed the infrastructure themselves, that might be true. Tax dollars built the copper/fiber infrastructure (primarily). It is completely unrealistic to think that a brand new national data network needs to be built each time a new technology or service comes along that needs to use that network. I believe that was decided back in the 60's.
DOSing a corporate phone system is much more dangerous than peeping in on a call here or there. If someone can crack in, and then bring down the voice system, you've got problems.
This is why securing a VoIP network is criticaly important.
IPSec is great for auth/encrypt, but if you have a network with 10 or more AP's, that is 110Mbs of available bandwidth for wireless clients. The cost of a VPN concentrator that can terminate 100Mbs+ of 3DES IPSec traffic is VERY high.
802.1x will help solve this problem. Cisco's LEAP in conjunction with thier RADIUS server, while proprietary, works quite well. You can dynamicaly re-key WEP every few minutes, and authenticate your users back to AD or NDS or another RADIUS server for that matter.
"Ok, let me get this straight... DSL providers have to open their lines to competition, but Broadband providers dont.
hrmmm...
DSL: High Speed internet access
Cable: High Speed internet access
The differance being that the cable internet providers are also "content providers"? because they own 9 10ths of the media? ok... does anybody else see this as a problem (besides the obvious lack of meaningful content being provided)?"
The difference is that cable Inet providers use cable infrastructure which has enjoyed local monopoly status since it's inception. This was the incentive that the government gave companies who were considering putting down the coin to build a cable infrastructure. The governement said, "you build, you own it".
Since AT&T's breakup, Telco providers who own portions of the PSTN infrastructure (dial Inet/DSL Inet), have been required to allow modems on the network. Your phone company can not restrict what ISP you use.
Allowing cable infrastructure owners to continue to hold a monopoly on ISP services for their customers is going to be the downfall of the free(liberty) Inet. AOL could certainly put an end to their IM "problems" by filtering what traffic is allowed on their cable.
Slashdot Mirror
With the PIX, if you have a DMZ interface, you could put your webserver in the DMZ with a private address (192.168.X.X), and you would use the "alias" command to map the public address of the server that is in DNS to the actual private address on the server.
This would allow you to hit your webserver by name from inside your network.
If you do not have a DMZ interface, you can NOT use the "alias" command to map the public IP to the internal private IP as the PIX does not support IP redirection.
"If I laid out a serious amount of money to establish COs and copper to (nearly) every house in the United States, I'd be a little pissed at the government for making me open it up to people who are offering competing services.
Technically, the Bells really should be able to lay down the law when it comes to who access their cables. I mean, it's their cables."
If the Bells financed the infrastructure themselves, that might be true. Tax dollars built the copper/fiber infrastructure (primarily). It is completely unrealistic to think that a brand new national data network needs to be built each time a new technology or service comes along that needs to use that network. I believe that was decided back in the 60's.
DOSing a corporate phone system is much more dangerous than peeping in on a call here or there. If someone can crack in, and then bring down the voice system, you've got problems. This is why securing a VoIP network is criticaly important.
IPSec is great for auth/encrypt, but if you have a network with 10 or more AP's, that is 110Mbs of available bandwidth for wireless clients. The cost of a VPN concentrator that can terminate 100Mbs+ of 3DES IPSec traffic is VERY high. 802.1x will help solve this problem. Cisco's LEAP in conjunction with thier RADIUS server, while proprietary, works quite well. You can dynamicaly re-key WEP every few minutes, and authenticate your users back to AD or NDS or another RADIUS server for that matter.
"Ok, let me get this straight... DSL providers have to open their lines to competition, but Broadband providers dont. hrmmm... DSL: High Speed internet access Cable: High Speed internet access The differance being that the cable internet providers are also "content providers"? because they own 9 10ths of the media? ok... does anybody else see this as a problem (besides the obvious lack of meaningful content being provided)?" The difference is that cable Inet providers use cable infrastructure which has enjoyed local monopoly status since it's inception. This was the incentive that the government gave companies who were considering putting down the coin to build a cable infrastructure. The governement said, "you build, you own it". Since AT&T's breakup, Telco providers who own portions of the PSTN infrastructure (dial Inet/DSL Inet), have been required to allow modems on the network. Your phone company can not restrict what ISP you use. Allowing cable infrastructure owners to continue to hold a monopoly on ISP services for their customers is going to be the downfall of the free(liberty) Inet. AOL could certainly put an end to their IM "problems" by filtering what traffic is allowed on their cable.
Would this be in the winter or summer games?....