Re: Firewall and DMZ topology

["Chris Berry" <compjma () hotmail com>]

> From: Erik Vincent <evincent () ndexsystems com>
>              2:   internet -->  Firewall --> LAN
>                                                      --> DMZ
>                            If the Firewall is crack, the DMZ and LAN will 
> be unprotected.
>                            It is far easier to crack a Windows/Linux Box 
> when there is no Firewall at all.
>
>                In my point of view, never use a Firewall with 3 NIC for 
> the above reason. Of course if you are
>                on a tight budget...... I know that CISCO PIX router, use 
> this kind of configuration (#2).

Well, I think the two firewall setup would only be more secure if you were 
using different firewalls, otherwise whatever cracked the first one, would 
most likely also crack the second.

Chris Berry
compjma () hotmail com
Systems Administrator
JM Associates

"Gold is for the mistress - silver for the maid
Copper for the craftsman cunning in his trade.
"Good!" said the Baron, sitting in his hall
But steel - cold steel is master of them all." -- Rudyard Kipling

_________________________________________________________________
MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*.  
http://join.msn.com/?page=features/virus


---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
    
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
         
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------