“As a system administrator in a large academic institution, it
is obvious to me that network security should be a high priority
when planning a network strategy. However, it’s not the system
administrators that make the decisions and while most managers are
willing to pay lip service to the need for security, they are far
less willing to actually start writing cheques.”
“After a couple of unsuccessful crack attempts (and a couple
of partially successful ones) we were able to justify a firewall.
This in itself was an achievement. However, even at the best of
times, the world of UK academia moves at a snail’s pace and I for
one wanted something in place very quickly….“
“Personally, I dislike ATM as a way of carrying IP, and dislike
LANE even more. There are plenty of reasons for this that run
beyond the scope of this article but I was keen to avoid its use in
a firewall and the thought of a firewall on NT turns the blood
cold. So it was time to take action. We discussed various possible
methods of creating an ethernet level “gap” between our external
connection and the main part of the network, which would allow us
to implement a nice bridging firewall with OpenBSD. However, after
many discussions it became apparent that our network equipment was
incapable of letting us do this, and ATM was the only way around
it.”