Re: Firewall on server itself

[Mitch Pirtle <mitchell.pirtle () verizon net>]

On Wed, 2003-06-25 at 02:24, Anish Basu wrote:
> I am trying to set up a secure web server which will already be protected
> by a dedicated harware firewall.  The hardware firewall will be configured
> to protect the web server as well other computers on the network.  The
> web server will be running Red Hat 9.0.  Is there any reason to install
> and configure firewall software such as IPTables on the web server itself?
> Are there any advantaqes or disadvantages to having two firewalls set up
> this way?

Multi-layered approaches to firewalling definitely have their
advantages, but that means that you have to commit the resources and
skills (and processes) to guarantee that both systems stay current.

If you have these resources, then it certainly shouldn't hurt!  That is,
depending on your performance requirements of the webserver(s)...

-- Mitch


---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
     
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
          
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------