[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1]
Fred,
About the management aspect, it all depends on the
kind of license you have. If you already have an Enterprise
license you will be able to manage several Firewall modules.
You will also be able to run the Management part from
the
Firewall module himself or separate the Management and the
Module.
With regards to the download of the security policy, the
data should be encrypted, so no need to create a VPN rule
for
this, unless you modified the standard configuration files. Further more the
Implied Rules include security policy
rules
allowing two modules to talk to each other. What I tend to do is disabling those
Implied Rules and define my
own
ones, allowing me to better define what is needed and what should be
dropped.
Met vriendelijke groeten - Bien à vous - Kind
regards -----Original Message-----
From: Katsumi, Fred [mailto:[email protected]] Sent: 06 January 2002 06:45 To: [email protected] Subject: [FW-1] Hi, I have a fairly basic question hopefully. Currently I manage a singe gateway FW1 4.1SP5 on NT. I'm planning to connect a remote site with another FW1 via VPN and want to manage both firewalls from here (central site). Can this still be done with a single gateway or do I need to separate it into a firewall and management modules? Also, I'm not sure how I can push the policy to the remote firewall over the internet without VPN. Do I need to create a rule for installing the policy to both firewalls? An example would be helpful. Thanks.
|