Firewall Wizards mailing list archives
Firewalling between T-1's, an ATM switch and a switched office
From: Steven Ackerman <ackerman_steven () yahoo com>
Date: Fri, 14 Mar 2003 14:57:43 -0800 (PST)
Greetings, I work for a small network consulting firm. Security has not been researched or applied much prior to my arrival. I am trying to change that, although I have limited understanding and less experience. The person I work for directly is trying to setup a Watchguard box with content filtering between two switches and 4 t-1 lines. The setup is as follows: ATM switch with one incoming internet connection, 4 t-1's on the inside (each goes to a different school), 2 Ethernet ports. One ethernet (eth 0) port has a cisco switch which connects another office. The second (eth1) ethernet port connects a watchgaurd box. The Watchgaurd box has 3 ethernet ports on it. My boss wants to route incoming traffic through the Eth0 port to the switch and then to the watchgaurd box and to the appropriate t-1/school and visa verse (sp?). It looks to me like this bypasses the firewall. Can this work through ACL's at the ATM switch. Is this unsafe. How can I explain this is unsafe to an admin that doesn't see how it is unsafe when he can use ACL's on source and destination IP's and ports? Any help would be appreciated. Although I've followed this and the other firewalls list's (and all the infosec god's I know of) for years, I'm very new to all this. This is my first hands on exposure to security. -Steve __________________________________________________ Do you Yahoo!? Yahoo! Web Hosting - establish your business online http://webhosting.yahoo.com _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Firewalling between T-1's, an ATM switch and a switched office Steven Ackerman (Mar 14)