Search This Blog

Friday, January 11, 2008

firewall-wizards Digest, Vol 21, Issue 6

Send firewall-wizards mailing list submissions to
firewall-wizards@listserv.icsalabs.com

To subscribe or unsubscribe via the World Wide Web, visit
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
or, via email, send a message with subject or body 'help' to
firewall-wizards-request@listserv.icsalabs.com

You can reach the person managing the list at
firewall-wizards-owner@listserv.icsalabs.com

When replying, please edit your Subject line so it is more specific
than "Re: Contents of firewall-wizards digest..."


Today's Topics:

1. Blackberry MDS Connection Bypassing firewall (miedaner)


----------------------------------------------------------------------

Message: 1
Date: Fri, 11 Jan 2008 10:46:42 -0500
From: "miedaner" <miedaner@twcny.rr.com>
Subject: [fw-wiz] Blackberry MDS Connection Bypassing firewall
To: <firewall-wizards@listserv.cybertrust.com>
Message-ID: <001301c85469$29b13e00$5c4c16ac@excellus.com>
Content-Type: text/plain; charset="iso-8859-1"

Hi,

Wondering if anyone has dealt with this problem with BES.


Blackberry enterprise server is configured by default to allow TCP traffic from the Blackberry clients through the encrypted BES connection to a internal network. As the Blackberries are java based some clever folks have built things like SSH clients for them.

The problem is that this type of access bypasses firewall and VPN rules.

I know that there are ACL's possible on the MDS connection service that allows this but I am told that it is either block all tcp or block none.

I am wondering if anyone knows if the BES ACl really is all or none and if anyone has implemented a solution to restrict internal network access through BES to only protocols like http or hhtps.

TIA
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://listserv.icsalabs.com/pipermail/firewall-wizards/attachments/20080111/39064425/attachment-0001.html


------------------------------

_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards


End of firewall-wizards Digest, Vol 21, Issue 6
***********************************************

No comments: