Engineering guidelines 41
Hosts that need to be accessed from the World Wide Web must be placed in a special
On the other hand,
Table 3 summarizes the recommended access permissions allowed by the firewall. All other paths not in the table should be denied.
Table 3
Firewall access permissions
Source | Destination | Protocol |
|
|
|
WWW | ICB | HTTP |
|
|
|
ICB | HTTP, FTP, TELNET | |
|
|
|
ICB | WWW | FTP (optional; allows upgrade from the |
|
| web) |
|
|
|
ICB | FTP | |
|
|
|
ICB | Mail Server | SMTP |
|
|
|
Notes
Take the following notes into consideration:
•Technically, a firewall can be configured to enforce these access restrictions even when the ICB is in the
•Cards of a
LAN/intranet access only
In this configuration, the ICB is not accessible from anywhere in the World Wide Web (assuming this policy is enforced by the firewall). There are two options for this type of configuration:
Figure 7 on page 42 shows an example of the C-LAN connection.
Nortel Integrated Conference Bridge Service Implementation Guide