[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] If a single firewall with 3 NIC's a considered a DMZ?




Try this:

Internet
    |
    |
Firewall ------- Web servers
    |
    |
Internal network


You wouldn't want your web server and other stuff just hangin out in the
breeze like your first example and having two firewalls, while more secure
is a lot of overhead.  This way, you use one firewall to control access to
your DMZ from both the inside and outside networks.

This is what I always understood to be the "classic" DMZ layout.

Jim Edwards
Systems Manager
Texas Secretary of State

-----Original Message-----
From: Allan Pratt [mailto:[email protected]]
Sent: Thursday, January 25, 2001 9:28 AM
To: [email protected]
Subject: [FW1] If a single firewall with 3 NIC's a considered a DMZ?





Hi,

Please help settle some confusion.

If a single firewall with 3 NIC's a considered a DMZ?

I always thought that a DMZ was:

Internet Access router <=>  web/ftp servers & Bastion host     <=>  Firewall

or better yet...........


Internet Access router <=> Firewall <=>  web/ftp servers & Bastion host     
<=>  Firewall


Please clarify

Thanks.




_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com



============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================