Security Basics mailing list archives
RE: Network Design
From: "Cherian M. Palayoor" <cpalayoor () cwalkergroup com>
Date: Tue, 26 Aug 2003 10:25:40 -0700
Chris, Further to your suggestion of a Cisco 2600 router to be setup as a firewall. With the kind of memory requirements that the Cisco Firewall IOS image demands (48 MB for the FW-IDS-3DES), coupled with the cost of licensing the IOS, wouldnt it make better sense to purchase a Pix for a few hundred bucks more. Regards CP -----Original Message----- From: Halverson, Chris [mailto:chris.halverson () encana com] Sent: Tuesday, August 26, 2003 8:39 AM To: 'Jeff McClintock'; security-basics () securityfocus com Subject: RE: Network Design Jeff, I personally like the 2600 series of routers from Cisco, gives you a robust firewall/router and allows a lot of configuration. As well as is not overly expensive. They will also scale if your company grows past 50. Make sure you buy the support package, Download the Cisco configurator and you are off to the races... You will find a lot of stuff out there, so make sure to talk to companies in your area, find out their area's of expertise and do get some contractor's in to do the work, ensuring that they document EVERY step they do, as well as passwords to the devices. You will have it up and running quickly and hopefully securely. (Remember price is not always as important as good creditials and references) Chris Halverson Security Administrator EnCana Corporation -----Original Message----- From: Jeff McClintock [mailto:lord_fiery () yahoo com] Sent: Monday, August 25, 2003 1:51 AM To: security-basics () securityfocus com Subject: Network Design Hello, I've been tasked with creating my first ever network. Definitely exciting, but lots of stuff to know :) Given that, I wanted to run this by you guys and get some opinions. I work for a small firm of 20-25 employees that use Windows 2000 and XP exclusively. They are planning to scale to a maximum of 50 people within a year. They have a full T1, and want to have an FTP server, VPN and OWA access. Web hosting is done by their ISP. Does this seem like a pretty secure set up for them: Internet -> Firewall -> (DMZ) FTP/OWA server (DMZ) -> DMZ Firewall -> Corporate LAN (with Exchange, employee machines, etc...) If so, any rec's on firewalls for something like this? Since it's a small firm, price is always an issue. thanks jm --------------------------------------------------------------------------- Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world's premier technical IT security event. Modeled after the famous Black Hat event in Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors. Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world's premier technical IT security event. Modeled after the famous Black Hat event in Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors. Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com ---------------------------------------------------------------------------- Scanned by Webshield E250 Scanned by Webshield E250 --------------------------------------------------------------------------- Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world's premier technical IT security event. Modeled after the famous Black Hat event in Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors. Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com ----------------------------------------------------------------------------
Current thread:
- RE: Network Design, (continued)
- RE: Network Design David Gillett (Aug 26)
- RE: Network Design Justin F. Knox (Aug 27)
- Re: Network Design Tomas Wolf (Aug 27)
- Re: Network Design pablo gietz (Aug 27)
- RE: Network Design DeGennaro, Gregory (Aug 26)
- Re: Network Design Lee Rich (Aug 26)
- RE: Network Design Halverson, Chris (Aug 26)
- RE: Network Design Smith, Chris (Aug 26)
- Re: Network Design salgak (Aug 26)
- RE: Network Design DeGennaro, Gregory (Aug 26)
- RE: Network Design Cherian M. Palayoor (Aug 26)
- Re: Network Design Chris Berry (Aug 27)