[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Multi-tier Firewall topology
Actually, everything behind FW and in front of the PIX is a traditional DMZ. I personally don't use different vendor FWs but if you're fearful of exploits or problems with a particular box, this is fine. Be aware of your network segments and address space though. I'm not sure how you're planning this exactly but FW-1 only routes and does not bridge. Chris -----Original Message----- From: Paul Murphy [mailto:[email protected]] Sent: Wednesday, May 02, 2001 7:28 AM To: [email protected] Subject: [FW1] Multi-tier Firewall topology I am still in two minds about having a two levels of firewall protection from alternate manufacturers, ie having a Firewall-1 box, then a Cisco PIX, then your protected network: Internet----FW1----CiscoPIX---InternalNet Has anyone had any experience where this kind of configuration has proved an effective deterrent? Many thanks Paul Murphy ---------------------------------------------------------------------------- ----------------------------------------------- CRESTCo Ltd. The views expressed above are not necessarily those 33 Cannon Street. held by CRESTCo Limited. London EC4M 5SB (UK) +44 (020) 7849 0000 http://www.crestco.co.uk ---------------------------------------------------------------------------- ----------------------------------------------- ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|