Security Basics mailing list archives

SV: Firewall Basics

From: "Kim Guldberg" <kim () bufferzone dk>
Date: Wed, 21 Jul 2004 23:09:55 +0200

Generally it's a great idea to have different vendor, or rather different OS
based firewalls since having two PIX firewalls would leave you vulnerable to
the same exploits if a hole in PIX was found.

The problem is knowledge. If you are used to work with PIX maybe it's better
to stay with PIX rather then take in a new product/vendor that you don't
know.

One solution could be to use Firewall Builder to build your rule set.
FWBilder can create firewall rule set's for different firewalls (NetFilter,
PIX and FW 1 if I remember correctly)

Best regards 

Kim Guldberg

-----Oprindelig meddelelse-----
Fra: Jennifer Fountain [mailto:jfountain () rbinc com] 
Sendt: 21. juli 2004 17:19
Til: security-basics () securityfocus com
Emne: Firewall Basics

Hi all:

I am designing a "service" network that is separate from our
"production" network.  Our web sites, email server, etc will be
utilizing this network; whereas, internet traffic and vpn traffic will
utilize the other.  My question is in regards to firewalls.  Currently,
I am using a PIX for my production network.  From what I have been
hearing, it is recommended to use two different firewall vendors in this
situation.  Is this a general consensus with all of you?  Or do you
think having another pix would be ok?  Thanks for any info!


Kind Regards,

Jennifer 


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the
skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------



---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

Current thread:

Firewall Basics Jennifer Fountain (Jul 21)
- SV: Firewall Basics Kim Guldberg (Jul 22)
- Re: Firewall Basics NSC (Jul 22)
- Re: Firewall Basics Miles Stevenson (Jul 22)
- RE: Firewall Basics David Gillett (Jul 22)
- RE: Firewall Basics J.Ayoola (Jul 22)
- Re: Firewall Basics jon rodman (Jul 23)
- Re: Firewall Basics Miles Stevenson (Jul 23)
- <Possible follow-ups>
- Re: Firewall Basics eip (Jul 26)