[156557] in North American Network Operators' Group
Re: The Department of Work and Pensions,
daemon@ATHENA.MIT.EDU (Robert Bonomi)
Wed Sep 19 20:59:38 2012
Date: Wed, 19 Sep 2012 19:59:35 -0500 (CDT)
From: Robert Bonomi <bonomi@mail.r-bonomi.com>
To: nanog@nanog.org
In-Reply-To: <4F38CD88-0188-4B0F-9F94-7F088644EEB6@netconsonance.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
> From: Jo Rhett <jrhett@netconsonance.com>
> Date: Wed, 19 Sep 2012 10:42:30 -0700
> Subject: Re: The Department of Work and Pensions, UK has an entire /8
[[ sneck ]]
>
> And second, have you ever worked on a private intranet that wasn't
> connected to the internet through a firewall? Skipping oob networks for
> equipment management, neither have I.
Yes, in fact, I have. <grin>
In the financial and/or brokerage communities, there are internal networks
with enough 'high value'/sensitive information to justify "air gap"
isolation from the outide world.
Also, in those industries, there are 'semi-isolated' networks where
all external commnications are mediated through dual-homed _application-
layer_ gateways. No packet-level communications between 'inside' and
'outside'. The 'inside' apps onl know how to talk to the gateway; server-
side talks only to specific (pre-determined) trusted hosts for the
specific request being processed. NO 'transparent pass-through' in
either direction.
