-----BEGIN PGP SIGNED MESSAGE-----
>> Is it possible to filter out JAVA applets from the internet proxy
>> feed while allowing the use of JAVA in the intranet?
Richard> There are some proxy firewall type products which claim to do
Richard> Mine sweeper ?? (does email as well)
I think it's called MIMEsweeper.
An alternative approach is the Digitivity CAGE (N.B. I work for
Digitivity). Rather than simply filtering out applets from outside
the intranet, it can be configured to run applets on a sacrificial
host in the DMZ, with a GUI pipe to the desktop.
If your firewall is correctly configured, then applets running on the
CAGE host won't be able to access your NFS files, even if there's a
bug in the VM (you can't say that for applets run in a browser, where
the Java runtime is your only protection).
It doesn't prevent you running intranet applets within the browser -
in fact, that's how we're configured internally.
<URL:http://www.digitivity.com/> for the full score. [Text-only
version at <URL:http://www.digitivity.com/text/>].
-----BEGIN PGP SIGNATURE-----
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface
-----END PGP SIGNATURE-----