Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: 2 firewalls protecting internal network

From: "Ferreira, Steve G." <sferreira () mitre org>
Date: Thu, 24 May 2012 16:56:54 +0000
It adds resilience, with the model of fw-fw-network Š One firewall vendor
may be vulnerable to a particular malware and another may not.  It is
somewhat impractical thouŠ I have seen banks implement this architecture
for some of their mission critical apps.  It is not practical for large
scale deployments and adds little value a lot of complexity in my
opinion...
-- 
Steve Ferreira

MITRE CORP
IA Engineer / PEO C3T TMD
917-2098309
sferreira () mitre org
steve.g.ferreira.ctr () mail mil




On 5/24/12 12:25 PM, "Mike Vella" <mike () bakerross co uk> wrote:


t may not be practical unless you are trying to stop an
specific attack.
There are ways through firewalls that don't depend on vendor specific
details for example tunnelling through ports already open.
If the attacker can tunnel through one , he will tunnel through the other
-
negating your expensive, administrative burdened 2 firewall solution.
Just my opinion.




------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: