|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] External and internal interfaces identification
Title: RE: [FW-1] External and internal interfaces identification If you buy a limited IP license, you only get to nominate one interface as 'external'. All others are considered to be 'protected interfaces'. So even if you set up a DMZ or EDMZ (Extranet De-Militarised Zone), those hosts are considered to be internal. When you plan your license, you need to take those hosts into account (count them in the license). If however, you have two 'real' external interfaces (e.g. a DDS connection for corporate traffic and an xDSL to service http traffic), then you have a real problem, because FW-1 will blow the license count immediately. In this case you need two firewalls or an Enterprise license. If you connect to other networks (e.g. through ISDN or Frame), and you want to use your firewall to protect you from those networks as well as the internet, then the only solution is to have two firewalls or an enterprise license again... Hope this isn't bad news ;-) Craig Little B.Sc, CPD, CPI, SCJD, CCSA, CCSE
www.layer-0.com
Ph: 02 4648 2855
-----Original Message-----
Hello, I (will) have a firewall with multiple internal and external interfaces. How does FW-1 know which ones are internals and other externals?
Thanks for your help. Francois
===============================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
