[BBLISA] Limoncelli Article "Firewall is a Bridge"

Edward Ned Harvey (bblisa4) bblisa4 at nedharvey.com
Sun Jul 17 10:30:09 EDT 2016


> From: bblisa [mailto:bblisa-bounces at bblisa.org] On Behalf Of Daniel
> Feenberg
> 
> We'd like to isolate a few machines from the rest of our LAN without
> renumbering them into a subnet.

I don't envy the IT person or new hire who inherits this environment someday. I'm sorry my comment isn't constructively adding to the direction you want to go - you're probably very smart and have thought this through, and considered all the pros and cons, and have good management (or you are, yourself, management)... And I'm sorry that this email will probably spark a debate about whether you should or should not, and all the reasons why, which will distract from the answer that you actually want. That being said, it is almost never a good management decision to do "tricks" and configure systems in weird, uncommon, nonstandard ways that will be surprising or confusing to new future people, or just a later version of yourself, who forgot you previously did something weird. If I were manager there, it would require a *very* compelling reason to convince me this should be done.


