Security Basics mailing list archives
Re: Firewall Implementation Strategy ?
From: Liran Cohen <theog () tehila gov il>
Date: Mon, 15 Nov 2004 17:01:23 +0200
Hi ,unless you have a need for VPNs , clustering and\or other abilities which make management pretty complicated , I would really recommend using iptables on Linux , it doest cost as much and provides a good enough protection.
you may take a look at http://netfilter.samba.org . -- Liran Cohen Security and communication consultant. Tehila project Government of Israel. Tel. +972-544-898817 e-mail: theog () tehila gov il 2623361132 1333221532 4222153321 Vijay Kumar wrote:
Hello,Currently we are havig a software firewall and the DMZ is in another Private Subnet. We use Port Forwarding from the software firewall to access the DMZ servers from outside. I have seen other implementations of Firewall where the DMZ is in a seperate subnet with Public IP Address.From the Firewall we allow only access to certain ports.Can someone tell me the Pros and Cons of each of this implementation ? I need to know the different types of firewall implementation so that I can redesign the new implementation. Where can I get some good guidelines for the same ?Regards, Vijay.
Current thread:
- Re: Firewall Implementation Strategy ? Liran Cohen (Nov 15)