pascal@CAM.ORG (Pascal Gosselin) (09/24/90)
Hello,
I would like to know if it possible to selectively hide network
ressources from one zone to another using Infosphere's Liaison (now owned
by Farallon, right???).
Specifically, I would like to know if it is possible to only allow
MicroSoft Mail packets to go through a bridge???? How difficult is it
to configure Liaison do accomplish such a task? Is it easier to configure
the software to hide LaserWriters/Imagewriters/AppleShare servers and
simply let everything else go through???
Would it be better to simply install half-bridges between certain machines?
--
+----------------------------------------------------------------------------+
| Pascal Gosselin | Internet: Pascal@cam.org Applelink: CDA0585 |
| Gest-Mac Inc. Apple VAR | Voice (514) 767-4444 Fax (514) 767-7337 |
+----------------------------------------------------------------------------+hv@uwasa.fi (Harri Valkama LAKE) (09/25/90)
In article <1990Sep23.210946.7533@CAM.ORG> pascal@CAM.ORG (Pascal Gosselin) writes: > I would like to know if it possible to selectively hide network >ressources from one zone to another using Infosphere's Liaison (now owned >by Farallon, right???). > Specifically, I would like to know if it is possible to only allow >MicroSoft Mail packets to go through a bridge???? How difficult is it >to configure Liaison do accomplish such a task? Is it easier to configure >the software to hide LaserWriters/Imagewriters/AppleShare servers and >simply let everything else go through??? > Would it be better to simply install half-bridges >between certain machines? GatorSystem v1.5.0 of GatorBox lets you hide resources on three levels. 1) zones 2) lasers 3) any device that has a tilde character on the end of the device name -- == Harri Valkama, University of Vaasa, Finland ================================ P.O. Box 700, 65101 VAASA, Finland (tel:+358 61 248426 fax:+358 61 248465) hv@uwasa.fi hv@nic.funet.fi hkv@flame.uwasa.fi harri.valkama@wmac00.uwasa.fi Moderating at chyde.uwasa.fi (128.214.12.3) & nic.funet.fi (128.214.6.100)
barnett@grymoire.crd.ge.com (Bruce Barnett) (09/25/90)
In article <1990Sep23.210946.7533@CAM.ORG> pascal@CAM.ORG (Pascal Gosselin) writes: > Specifically, I would like to know if it is possible to only allow > MicroSoft Mail packets to go through a bridge???? I have looked at both Liaison and GatorMail-M as a mechanism for merging two Microsoft Mail systems without compromising security. You can use either one. With Liaison, you must purchase the "Liaison Gateway for Microsoft Mail. This is a special version of Liaison that handled MS Mail. You should also use Version 2.0B of Microsoft Mail Server, but version 2.0A might also work fine. The security is specified by the Macintosh making the Liaison connection. The machine being called cannot limit security. You log on to the mail server as Network Manager, and in the special server configuration in the mail menu, you specify you want traffic to be Microsoft Mail only. The machine being called doesn't need the Liaison MS Mail Gateway, just regular Liaison. Some things to be aware of: The Macintosh with Liaison and a Modem (or dedicated line) is the "bridge". When you have several mail servers, you must install the Liaison "network tuner" on each server, so it knows about the other mail servers. The network tuner INIT prevents slow networks from timing out. The first connection will take some time as all MS Mail names are propagated. All mail names from all mail servers will be seen by all users. If you have more than 16 mail servers, you must wait for the next release of Liaison, which is due Real Soon Now. Another solution is to use two copies of GatorMail-M, from Cayman. You can put a Unix machine between the two, or route SMTP mail from one Mac to another using TCP/IP routing. This keeps the networks and mail names 100% separate. This is a more expensive solution. I have not been able to get Liaison Gateway and GatorMail-M gateway on the same Mail Server. They don't like each other. -- Bruce G. Barnett barnett@crd.ge.com uunet!crdgw1!barnett
rbrink@hubcap.clemson.edu (Rick Brink) (10/01/90)
From article <1990Sep23.210946.7533@CAM.ORG>, by pascal@CAM.ORG (Pascal Gosselin): > I would like to know if it possible to selectively hide network > ressources from one zone to another using Infosphere's Liaison (now owned > by Farallon, right???). > I'm interested in doing the same thing. I investigated Liaison, but think it is really not the way to do it. Liaison lets you use macs as bridges (something I think the apple product does better). You have to have the correct level of Access Priviledges via the chooser to move across the bridge. Although I haven't yet found a product that will do this the way I Want, I think some restrictive software changes need to be inacted in each machine. That leaves a software solution, one easier to maintain. The problems inherant in restricting appletalk are many. Remember that appletalk works like a party line. Everyone is connected and always listening, only when your mac hears it's node number does it pass the packet on to the user. Anyone else have Ideas about this?