Firewall Wizards mailing list archives
Re: MS Proxy 2.0 is enough ?
From: cbrenton <cbrenton () sover net>
Date: Wed, 17 Feb 1999 17:33:41 -0500 (EST)
On Tue, 16 Feb 1999, Ferran Rebollar Cervello wrote:
for security reasons we have two isolate LANs: LAN_A and LAN_B. But now, LAN_A users must access an intranet web server in LAN_B and LAN_B users must acces the corporative mail server in LAN_A. Other traffic/services between LAN_A and LAN_B will not be allowed. Using MS Proxy 2.0 is enough ? Better a strong firewall (like Checkpoint's Firewall-1) ?
You have not really provided enough info to gauge how secure of a solution you really need. For example you would be looking at drastically different solutions if LAN_A and LAN_B are public libraries as opposed to financial institutions. If you are just looking for basic security, I would suggest you go the packet filtering route. Something static like 3COM, or even better something dynamic like Cisco. If you go the proxy route, you will be required to use SOCKS (and thus SOCKS aware applications) or the running the workstation client. While this will give you user level security, it also adds an additional level of administration. This can be a good thing if you require user level control or a pain in the butt if you are simply looking for basic access control. Something like a Cisco router goes in the other direction. It would be transparent to your network layout except that it filters out traffic you do not wish to pass. It does not however give you user level access control. So what you really need to do from here is perform a needs analysis and run with a security solution that best fits this need. Cheers, Chris -- ************************************** cbrenton () sover net * Multiprotocol Network Design & Troubleshooting http://www.amazon.com/exec/obidos/ASIN/0782120822/geekspeaknet * Mastering Network Security http://www.amazon.com/exec/obidos/ASIN/0782123430/geekspeaknet
Current thread:
- MS Proxy 2.0 is enough ? Ferran Rebollar Cervello (Feb 17)
- Re: MS Proxy 2.0 is enough ? Riccardo Fontana (Feb 18)
- Re: MS Proxy 2.0 is enough ? cbrenton (Feb 18)
- Message not available
- Re: MS Proxy 2.0 is enough ? dreamwvr (Feb 19)
- Re: MS Proxy 2.0 is enough ? David LeBlanc (Feb 24)
- Re: MS Proxy 2.0 is enough ? dreamwvr (Feb 19)
- <Possible follow-ups>
- Re: MS Proxy 2.0 is enough ? rickshaw (Feb 19)
- Re: MS Proxy 2.0 is enough ? Robert Graham (Feb 25)