Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: DMZ Ideas

From: "Marcus J. Ranum" <mjr () ranum com>
Date: Thu, 30 Sep 2004 21:04:12 -0400
firewalladmin () bellsouth net wrote:

My question is this - What would make a good DMZ for this setup? We have a few suggestions up in the air and it's all 
prliminary stuff right now. Some ideas are VLAN's (in my opinion too much management overhead, room for error and not 
necessarily very secure), seperate subnet on router, etc. The tough part is what do we filter the traffic by? There is 
no "user" to authenticate, only unmanaged readers/devices. 


Can you buy an 802.1X/802.1aa capable switch to use as a
mezzanine network for your wireless? Then you can authenticate
the user reasonably well. The software side for Windows is in
XP service pack 2, and more devices are handling it all the
time...

Lisa Phifer has a pretty good article on this stuff on
http://www.wi-fiplanet.com/tutorials/article.php/3073201

mjr. 

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: