Security Basics mailing list archives

RE: Firewall Basics

From: "David Gillett" <gillettdavid () fhda edu>
Date: Wed, 21 Jul 2004 11:13:36 -0700

  On the one hand, you can further harden your security by adding
a firewall of a different type/vendor between your trusted network
and the outside world.  This complicates your security administration,
however, so the benefits need to be weighed carefully.
  On the other hand, if a PIX is sufficient for your current security
and performance needs, you might consider adding a "DMZ" (service
network) interface to your existing PIX, instead of paying for a 
whole additional box.

David Gillett

-----Original Message-----
From: Jennifer Fountain [mailto:jfountain () rbinc com]
Sent: Wednesday, July 21, 2004 8:19 AM
To: security-basics () securityfocus com
Subject: Firewall Basics

Hi all:

I am designing a "service" network that is separate from our
"production" network.  Our web sites, email server, etc will be
utilizing this network; whereas, internet traffic and vpn traffic will
utilize the other.  My question is in regards to firewalls.  
Currently,
I am using a PIX for my production network.  From what I have been
hearing, it is recommended to use two different firewall 
vendors in this
situation.  Is this a general consensus with all of you?  Or do you
think having another pix would be ok?  Thanks for any info!

Kind Regards,

Jennifer 

--------------------------------------------------------------
-------------
Ethical Hacking at the InfoSec Institute. Mention this ad and 
get $545 off 
any course! All of our class sizes are guaranteed to be 10 
students or less 
to facilitate one-on-one interaction with one of our expert 
instructors. 
Attend a course taught by an expert instructor with years of 
in-the-field 
pen testing experience in our state of the art hacking lab. 
Master the skills 
of an Ethical Hacker to better assess the security of your 
organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
--------------------------------------------------------------
--------------

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

Current thread:

Firewall Basics Jennifer Fountain (Jul 21)
- SV: Firewall Basics Kim Guldberg (Jul 22)
- Re: Firewall Basics NSC (Jul 22)
- Re: Firewall Basics Miles Stevenson (Jul 22)
- RE: Firewall Basics David Gillett (Jul 22)
- RE: Firewall Basics J.Ayoola (Jul 22)
- Re: Firewall Basics jon rodman (Jul 23)
- Re: Firewall Basics Miles Stevenson (Jul 23)
- <Possible follow-ups>
- Re: Firewall Basics eip (Jul 26)