> Here is a case where you trust the machines, but do not trust Joe.  
> 
> Commonly, trusted servers are deployed on network segments that are
> separate from untrusted users - via Ethernet segments or VLANs.  It
> is also possible to use VPNs to provide functional separation of
> servers from users, if separate Ethernet tiers is not possible.

Sure, but in this case some users still needs access to these servers.

But I was thinking about have those servers logging into the
gateway/authpf via some boot script and then keeping that connection
open.

>> And what about other kinds of access? Now I get a brand new box in
>> that needs a fresh installation of some Linux distribution that we
>> install over HTTP. This new box doesn't come with a SSH console and
>> the install disk doesn't provide a console with SSH during
>> installation.

> The provisioning if performed on the untrusted network, would require 
> the distribution server to be accessible.  Simple enough with a pass
> rule to your organization's deployment server.
 
We don't run with a deployment server, but maybe this is one use case
in which all the different OS'es we use could be deployed over network
boot.

However, we do a lot of testing on many different distributions etc.,
but maybe in this particular case a isolated segment can be created.

Kind regards.

Reply via email to