Firewall Wizards mailing list archives
RE: securing DB access from the DMZ
From: "Carl Friedberg" <friedberg () exs esb com>
Date: Thu, 21 Feb 2002 01:02:18 -0500
Banking? This got past independent auditors?? I won't hype any products. I will say that you are 100% correct about that second NIC; either of your 2 solutions would be better than the current situation. If you can get management to sign off, the second firewall will isolate your more sensitive resources. Is there a security policy in place? If not, do that first, go to management, have them sign off on it, then implement. Carl (BTW, are there multiple VLANs in the Catalyst?) -----Original Message----- From: wasabi_pea () hushmail com [mailto:wasabi_pea () hushmail com] Sent: Wednesday, February 20, 2002 4:48 PM To: firewall-wizards () nfr com Subject: [fw-wiz] securing DB access from the DMZ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 {Internet} | | [Cisco router] | | [Cisco PIX 520]---DMZ---[IIS 4 Webserver] | (Second NIC) | | [Cisco Catalyst 6509]-------------+ | | +---------------[DB Server] _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- securing DB access from the DMZ wasabi_pea (Feb 20)
- Re: securing DB access from the DMZ Holger Kipp (Feb 21)
- Re: securing DB access from the DMZ Ryan Russell (Feb 21)
- <Possible follow-ups>
- RE: securing DB access from the DMZ Carl Friedberg (Feb 21)
- Re: Re: securing DB access from the DMZ wasabi_pea (Feb 21)
- RE: securing DB access from the DMZ Scott, Richard (Feb 27)