Security Basics mailing list archives
Firewall and VLAN security design
From: Ahmed Ameen <ahmedameen () gmail com>
Date: Sun, 31 Oct 2004 02:45:44 +0200
Hi All,

Currently we are redesigning our LAN to include a DMZ zone, and we need to reach the best security design.

The available equipment is:
1- PIX with 3 NICs
2- L3 Switch
3- N-IDS

My preliminary design is as follows:

    Internet
       |
       |
    --------
    |PIX   |____DMZ
    |      |
    --------
       |
       |
      LAN

    Internet
       |
       |
    --------
    |NIDS  |____DMZ
    |      |
    --------
       |
       |
      LAN

    Internet VLAN1
       |
       |
    ---------------
    |L3 Switch|____DMZ VLAN2
    |         |
    ----------
       |
       |
      LAN VLAN3

My questions would be:

Is it OK to use a multi-homed firewall, or should I consider 2 physical firewalls? What would be the threat of using one?

Is VLAN segmentation enough to segment between the Internet, DMZ and the internal network, or should I also use different switches for each, and be connected through the firewall?

Thanks