lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue May 17 17:46:07 2005
From: DaveH at Radware.com (Dave Hawkins)
Subject: Security benefits of spliting services between
	two ISP providers

In the case of DDoS, if your web services are targeted, your email
systems would still have plenty of bandwidth (splitting services in that
way).  Segmenting services like this would pose no real threat from a
security standpoint, and in my opinion, only allows you to more fully
utilize both lines that you're already paying for.  In the case of
actual ISP failures, it is quite easy to use something like the Radware
LinkProof or WSD to handle complete fail-over to other network
providers.  It can be (and is) easily done with a lot of our clients who
require high-availability for disasters, but also to prevent someone
from saturating a particular ISP link.  Combine this with a
multi-segment IPS and you can minimize your risks greatly.
Don't misinterpret this as a plug for our products, but Radware has been
in the high-availability and security space for a while now, and we get
these kinds of questions all the time.

Cheers,
-Dave Hawkins
Security Engineer
Radware
http://www.radware.com


-----Original Message-----
From: full-disclosure-bounces@...ts.grok.org.uk
[mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of Frank
Laszlo
Sent: Tuesday, May 17, 2005 8:04 AM
To: Reece Mills
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: [Full-disclosure] Security benefits of spliting services
between two ISP providers

Not exactly. If one ISP fails, the other could be used as a backup
system for the services that are on the "failed" isp. This could be done
with a transparent proxy or something of the sort.

Regards,
    Frank


Reece Mills wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Only part of what you need will be affected if one of your ISPs 
> fail....  Hope it is not the web based business services provider...
> Hope it
> is not the email provider....   
> Ok... What will be the security benefit of splitting services between 
> two ISP providers as you described?
>
> Nothing.
>
> Reece
>
>
> Rossen S. Naydenov wrote:
>
> |Hi group,
> |
> |What will be the security benefit of splitting services between two 
> |ISP providers?
> |By splitting services I mean have one ISP serve only web based 
> |business services and other ISP serve the email and traffic generated

> |by internal web browsing (or something similar).
> |Right now everything goes through one ISP and second ISP connection 
> |is kept as a backup.
> |
> |Thanks.
> |
> |
> |
> |Disclaimer:
> |
> |This communication is confidential. If you are not the intended
> recipient, you are hereby notified that any disclosure, copying, 
> distribution or taking any action in reliance on the contents of this 
> information is strictly prohibited and may be unlawful. If you have 
> received this communication by mistake, please notify us immediately 
> by responding to this email and then delete it from your system.
> |Bulgarian Post Bank is not responsible for, nor endorses, any
> opinion, recommendation, conclusion, solicitation, offer or agreement 
> or any information contained in this communication.
> |Bulgarian Post Bank cannot accept any responsibility for the accuracy
> or completeness of this message as it has been transmitted over a 
> public network. If you suspect that the message may have been 
> intercepted or amended, please call the sender.
> |_______________________________________________
> |Full-Disclosure - We believe in it.
> |Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> |Hosted and sponsored by Secunia - http://secunia.com/
> |
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.4 (Darwin)
>
> iD8DBQFCiak/yz6oy+l1oOERAnnhAJ483QBQ6EOmNv56TEDqiW8ZuhF5jgCggr1X
> CIiHtXJ+MtjQDkSJBESHnyY=
> =5Z6y
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists