Re: Firewall Implementation Strategy ?

[Liran Cohen <theog () tehila gov il>]

Hi ,

unless you have a need for VPNs , clustering and\or other abilities which make management pretty complicated , I would 
really recommend using iptables on Linux , it doest cost as much and provides a good enough protection.

you may take a look at http://netfilter.samba.org .

--
Liran Cohen
Security and communication consultant.
Tehila project
Government of Israel.
Tel. +972-544-898817
e-mail: theog () tehila gov il








2623361132 1333221532
4222153321

Vijay Kumar wrote:
> Hello,
>
> Currently we are havig a software firewall and the DMZ is in another Private Subnet. 
> We use Port Forwarding from the software firewall to access the DMZ servers from outside. 
>
> I have seen other implementations of Firewall where the DMZ is in a seperate subnet with Public IP Address. 
> > From the Firewall we allow only access to certain ports. 
>
> Can someone tell me the Pros and Cons of each of this implementation ? 
>
> I need to know the different types of firewall implementation so that I can redesign the new implementation. 
> Where can I get some good guidelines for the same ? 
>
> Regards,
> Vijay.