Security Basics mailing list archives
Re: Firewall Basics
From: Miles Stevenson <miles () mstevenson org>
Date: Thu, 22 Jul 2004 14:30:53 -0400
On Wednesday 21 July 2004 11:18 am, Jennifer Fountain wrote:
I am designing a "service" network that is separate from our "production" network. Our web sites, email server, etc will be utilizing this network; whereas, internet traffic and vpn traffic will utilize the other. My question is in regards to firewalls. Currently, I am using a PIX for my production network. From what I have been hearing, it is recommended to use two different firewall vendors in this situation. Is this a general consensus with all of you? Or do you think having another pix would be ok? Thanks for any info!
My advice is pretty much in-line with everyone else's: stick with what you know best. While in theory you can gain security by using diverse firewall platforms, the gains are probably minimum compared to other security practices. To put it another way, ask yourself "Is the rest of the security throughout my network really so good that using two different kinds of firewalls would be a good use of my time?" Spend those resources on better log analysis, integrity checking, network intrusion detection, incident response preparation, etc, etc. You will gain a lot more using those resources elsewhere. =) -- Miles Stevenson miles () mstevenson org PGP FP: 035F 7D40 44A9 28FA 7453 BDF4 329F 889D 767D 2F63 --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- Firewall Basics Jennifer Fountain (Jul 21)
- SV: Firewall Basics Kim Guldberg (Jul 22)
- Re: Firewall Basics NSC (Jul 22)
- Re: Firewall Basics Miles Stevenson (Jul 22)
- RE: Firewall Basics David Gillett (Jul 22)
- RE: Firewall Basics J.Ayoola (Jul 22)
- Re: Firewall Basics jon rodman (Jul 23)
- Re: Firewall Basics Miles Stevenson (Jul 23)
- <Possible follow-ups>
- Re: Firewall Basics eip (Jul 26)