Security Basics mailing list archives
RE: Firewall and DMZ topology
From: "Steve Bremer" <steveb () nebcoinc com>
Date: Tue, 10 Jun 2003 15:01:04 -0500
I do think tri-homed firewalls are a good solution, but they are not as secure as a two firewall solution.
Why not combine both topologies? Internet | | | Ext FW ----------- External DMZ | | (Int DMZ) | Int FW | | | LAN The network between the Ext FW and the Int FW could be used as an "internal DMZ" for the proxy server. Then, the external DMZ could be reserved solely for those machines that the outside world must have access to. Ideally, the external FW and the internal FW should be using different software (pf, iptables, ipf, etc). What do you think? Am I overly paranoid? Steve Bremer NEBCO, Inc. System & Security Administrator --------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ----------------------------------------------------------------------------
Current thread:
- Re: Firewall and DMZ topology, (continued)
- Re: Firewall and DMZ topology Daniel B. Cid (Jun 10)
- Re: Firewall and DMZ topology Steve Bremer (Jun 10)
- Re: Firewall and DMZ topology Daniel B. Cid (Jun 10)
- Message not available
- Re: Firewall and DMZ topology Daniel B. Cid (Jun 10)
- RE: Firewall and DMZ topology Des Ward (Jun 10)
- Re: Firewall and DMZ topology Aaron Fisher (Jun 11)
- Re: Firewall and DMZ topology Christopher Ingram (Jun 10)
- RE: Firewall and DMZ topology Chris Berry (Jun 10)
- Re: Firewall and DMZ topology Chris Berry (Jun 10)
- RE: Firewall and DMZ topology Depp, Dennis M. (Jun 10)
- RE: Firewall and DMZ topology Steve Bremer (Jun 10)
- RE: Firewall and DMZ topology ed (Jun 10)
- RE: Firewall and DMZ topology David Ellis (Jun 10)
- RE: Firewall and DMZ topology DeGennaro, Gregory (Jun 10)
- RE: Firewall and DMZ topology Depp, Dennis M. (Jun 10)
- RE: Firewall and DMZ topology Daniel B. Cid (Jun 10)
- Re: Firewall and DMZ topology Chris Berry (Jun 10)
- Re: Firewall and DMZ topology Steve Bremer (Jun 11)
- RE: Firewall and DMZ topology Depp, Dennis M. (Jun 11)
- RE: Firewall and DMZ topology Depp, Dennis M. (Jun 11)
- RE: Firewall and DMZ topology Morgado Alain (Jun 11)