Security Basics mailing list archives
Re: 2 firewalls protecting internal network
From: RobOEM <rd.seclists () gmail com>
Date: Thu, 24 May 2012 18:03:40 +0200
It's not defense in depth. You're implementing the same type of control twice. What you're doing by choosing two vendors is mitigating the risk of failure in the control itself (ie a vuln affecting, say, all Cisco firewalls). The risk you're adding, however, is discrepancy in those controls; another thread in sec-basics http://seclists.org/basics/2012/May/10 stresses the difficulty of managing firewalls. You should know what you're doing if you plan to implement that (ie not defense in depth), and my advice would be not to "stack" them but to put them in a redundant active-passive architecture, with a monitoring in place. And consider looking into management solutions first, then buying from vendors compatible with the management tool you plan to buy. --rob' On Thu, May 24, 2012 at 6:45 AM, marco cohen <marcocohen2 () gmail com> wrote:
hi all I know that there is a defence in depth idea to implement 2 firewalls, each from different vendor. what you think about it ? is it practical? thanks marco ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- 2 firewalls protecting internal network marco cohen (May 24)
- Re: 2 firewalls protecting internal network Stephanus J Alex Taidri (May 24)
- Re: 2 firewalls protecting internal network synja (May 24)
- Re: 2 firewalls protecting internal network RobOEM (May 24)
- RE: 2 firewalls protecting internal network Mike Vella (May 24)
- Re: 2 firewalls protecting internal network Ferreira, Steve G. (May 24)
- RE: 2 firewalls protecting internal network David Gillett (May 24)
- RE: 2 firewalls protecting internal network Dan Lynch (May 24)
- Re: 2 firewalls protecting internal network Mrs. Y. (May 24)
- Re: 2 firewalls protecting internal network olufemimogaji (May 25)
- <Possible follow-ups>
- Re: 2 firewalls protecting internal network kartik . netsec (May 25)
- Re: 2 firewalls protecting internal network Mrs. Y. (May 25)