Ascend Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: (ASCEND) Question about security
> We are configuring a customer on a pipe 50 to dialin to another pipe 50 or
> a MAX 1800 connected to the customers corporate LAN. Can anyone tell me
> if there is a way to prevent the employee of the above customer from
> connecting his other b channel somewhere else? The company we are doing
> this for wants employees to connect using 1 b channel so that they don't
> have to get to many ISDN lines. But they don't want their employees to
> conect to the corporate LAN with one B channel and to the Internet with
> the other for obvious security concerns. Is there any way to do this? I
> figured we could, at least in the short term, require 2 b channels so that
> they can't do anything with the other channel. Yet, I do believe that
> there is no way to force the use of 2 b channels. Sure the pipe 50/1800
> can be configured as minimum channels = 2 but I think that if only
> one will connect, perhaps the other is already connected to the Internet,
> then the 50/1800 your dialing into will happily except only 1 channel. Is
> this correct? Does anyone know of a way to acomplish what I'm doing a
> terible job of explaining here?
Other than just not giving them the password to the box? (assuming that
these are ISDN U units and therefore the users have no access to the S/T
bus).
Of course they can still open up the Pipe and zap the config, but they'll
always be able to do that if they have physical access to the Pipeline.
Besides, they'll be detected if they do that.
But for another strategy, talk to the telco. They can restrict an ISDN
line to one outgoing call (at least on NT switches, which is what you're
on if you're in Toronto).
-Phil
++ Ascend Users Mailing List ++
To unsubscribe: send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd: <http://www.nealis.net/ascend/faq>
References: