On Tue, Aug 21, 2007 at 02:28:56PM -0600, Chris Friesen wrote:
> Dave Hall wrote:
>
> >It sounds like you just want to isolate the instrument's computer from the
> >big band network since it can not be properly managed.
> >
> >Why not just add a second network card to the machine that you will be
> >using to fetch the data and connect the two with a cross-over cable.
>
> This leaves the system at risk to a compromised "data fetching" machine.
> If that's an acceptable risk, then fine. My earlier suggestion was to
> add a filtering bridge in addition to this proxy machine.
How is the risk to the data any different? Are the additional layers of
security worth the cost and effort relative to the risk?
What Gordon described sounds like a situation which is quite common in many
of the research labs around here. Various instrumentation is controlled by
older Windows boxes which have a high risk of breaking due to vary narrow
compatibility requirements. The desktop guys tell me there are quite a few
Windows 98 boxes controlling instrumentation that are not networked. The
downside is there are no virus scanner updates so they get hit by viruses
on memory sticks used to collect data. Gordon, is this the case?
Received on Tue Aug 21 14:58:05 2007
This archive was generated by hypermail 2.1.8 : Tue Aug 21 2007 - 14:58:08 CST