Security Basics mailing list archives
Re: Firewall and IPS Deployment
From: Javier Reyna <jreyna () onlinet com mx>
Date: Wed, 18 Feb 2009 14:48:27 -0600
On Thu, Feb 19, 2009 at 02:12:09AM +0700, Fadil S wrote:
Guys, What about the all-in-one firewalls. Don't you guys think that it is better to implement one? You will have a better TCO and less maintenance anyways, right? Or wrong?
In my expierence, wrong, usually the admin will not use all the features, those UTM might work in a small environment but for large networks, UTM are a mess.
Thanks, Fadil On 2/19/09, aditya mukadam <aditya.mukadam () gmail com> wrote:Ressa, Im sure you would have got some idea based on the responses received to your question. My view: The deployment depends on: 1) security requirement 2) amount of traffic on the outside and inside segment 3) type of equipment you want to use * It is highly recommended to deploy IPS between your local LAN and the Corporate/Internet Firewall. * IPS can be deployed in front of the Internet Firewall however,you need to determine the amount of traffic this IPS would get. For example if you expect lot of internet worms/virus etc traffic then you need a higher end IPS facing internet. * Separate signature/filtering profiles can be for different segments. Hope this helps. Thanks, Aditya Govind Mukadam On Fri, Feb 13, 2009 at 1:06 PM, Ressa <ressa4299 () yahoo com> wrote:Hi, i was wondering is there any consideration for deploying firewall and IPS. If the IPS should in front of firewall or behind the firewall, and please also add the pros and cons. Regards, Ressa Registered Linux User Number 336566 Linux Newbie The information is provided as is without warranty of any kind. In no event shall the writer be liable for any incidental, indirect or consequential damages of any kind, including, but not limited to : loss of business profits, police knocking on your door, computer crashes, sharks attack, temporary short-term memory loss (some cases reported recently), death of your pet or alien invasion...
-- Saludos! ________________ Javier Reyna CCSE WCSE ISS-CS NSP JNCIA-FWV Consultor en Seguridad jreyna () onlinet com mx www.onlinet.com.mx ,,__ o" )~ ''''
Current thread:
- Firewall and IPS Deployment Ressa (Feb 13)
- Re: Firewall and IPS Deployment Sam Stelfox (Feb 13)
- Re: Firewall and IPS Deployment David Gadoury (Feb 18)
- Re: Firewall and IPS Deployment Javier Reyna (Feb 18)
- Re: Firewall and IPS Deployment aditya mukadam (Feb 18)
- Re: Firewall and IPS Deployment Fadil S (Feb 18)
- Re: Firewall and IPS Deployment Javier Reyna (Feb 18)
- Message not available
- Re: Firewall and IPS Deployment Fadil S (Feb 19)
- Re: Firewall and IPS Deployment Fadil S (Feb 18)
- <Possible follow-ups>
- Re: Re: Firewall and IPS Deployment praveen_recker (Feb 17)
- Re: Firewall and IPS Deployment dan . crowley (Feb 17)
- Re: Re: Firewall and IPS Deployment stcroix111 (Feb 17)