|
As discussed in Chapter 5, Have-A-Seat would use access lists on the routers that border their DMZ should they choose to implement a firewall. Those would allow access to their web server and e-mail server, but not allow direct access into Have-A-Seat’s internal network.
Yes, you could use compression to save bandwidth. Be sure that CPU utilization on affected routers is below 65 percent, though.
Scott can use SAP filters at the high schools and junior high schools to prevent their local server’s services from being advertised out.
Cisco IOS supports encryption between routers, not between hosts. A better solution might be to either use security between the web server and client, or to use switches and VLANs to ensure that administrative traffic could not be overheard on student workstations.
Cisco IOS supports GNS Proxy, whereby the router in the elementary school will build its own SAP table and respond to local GNS requests. There is no need to configure bridging, and the workstations will never care that there is not actually a Novell server present.
|