Security Basics mailing list archives
Re: External Network / Firewall Setup.
From: lists () ninjafriendly com
Date: Wed, 07 Sep 2005 14:43:45 +0100
Quoting "Ivan ." <ivanhec () gmail com>:
Sorry, I should have been more clear - I mean failure in terms of a compromisedI'm wary of a single point of failure.Everything you listed in your diagram is a single point of failure? If you want redundancy you would start at the router, make it a HA pair, 2 switches, the FW a HA pair, 2 switches and the last FW a HA pair and 2 more switches. Sorry, I couldn't be bother doing a ascii diag for you.
firewall allowing access to the internal lan. I'm aware that if part of my plan breaks it knocks out connectivity for the lot. Redundancy would be good to have, but we may not be able to afford it.
If you go the PIX route the second in a HA pair is half price. Also take a look at Netscreen's, good value.
Good to know
Should I use the DMZ mailserver simply as a relay for an internal mailserver?yes, for sure contact me off list if you want a quick and dirty diag cheers Ivan
Current thread:
- External Network / Firewall Setup. lists (Sep 06)
- Re: External Network / Firewall Setup. Michael Gale (Sep 07)
- Re: External Network / Firewall Setup. Ivan . (Sep 07)
- Re: External Network / Firewall Setup. lists (Sep 07)
- RE: External Network / Firewall Setup. Mikhail Minyailov (Sep 07)
- Re: External Network / Firewall Setup. Greg Stiavetti (Sep 07)
- Red Cross needs network security tech volunteers Kelley Greenman (Sep 12)
- Re: External Network / Firewall Setup. Greg Stiavetti (Sep 07)
- RE: External Network / Firewall Setup. David Gillett (Sep 07)
- Re: External Network / Firewall Setup. Jayson Anderson (Sep 08)
- <Possible follow-ups>
- RE: External Network / Firewall Setup. Tim.BUTTON (Sep 07)
- RE: External Network / Firewall Setup. lists (Sep 07)
- Re: External Network / Firewall Setup. Florian Rommel (Sep 07)
- RE: External Network / Firewall Setup. Tim.BUTTON (Sep 07)
- RE: External Network / Firewall Setup. Jayson Anderson (Sep 08)
(Thread continues...)