[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW-1] slightly OT - multihoming (?)
A couple of principles that come to my mind are:
1. Put in the DMZ only those devices you want the public to see, use,
and (invariably) attack.
2. If you need a backup machine, it should generally be in a server farm
(not intended for public access) with copy or move mechanisms set up to
move data from the DMZ machines to the backup media.
What you have described seems a risky scenario to me...
Mark
Richard Marshall wrote:
Hello,
Sorry this is slightly off-topic, but I can't find any appropriate
information on the net.
I need to know how 'safe' mutlihoming a computer is....
Some of my collegues have built a backup computer (veritas software,
routing disabled - I hope!!) that has 2 NICs in it. One with an IP on
our public facing DMZ, one with an IP on our secure internal LAN. I am
strongly against this setup as I feel it compromises the security of our
internal LAN, but I can't find any information that will confirm or deny
this. Could someone please advise me, or know any where that I can find
some specific information on this?
Thanks in advance
rich
Richard Marshall
...snip...
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================