Re: Defense in DepthOct 27 2004 04:57PM Gautam R. Singh (gautam singh gmail com)
Hi Ronish,
Why dont u host webservers between the two firewalls instead of
putting it in 2nd firewalls dmz? that should provide you with more
flexiblility? as when you add new servers you will have to configure 1
firewall & thus the configurations would be simplified.
The security depends on how "well you configure" the firewalls to
protect your network.
Regards,
Gautam
http://gautam.techwhack.com
i am lookin for a job :P
On Wed, 27 Oct 2004 00:33:45 -0700 (PDT), Ronish Mehta
<sf_mail_sbm (at) yahoo (dot) com [email concealed]> wrote:
>
> Hi List,
>
> I have a network setup with 2 firewalls
>
> There is a DMZ on the Internet facing firewall
>
> The servers on this DMZ contains servers that host
> both "http" and "https" pages
>
> There are no DMZ on the second firewall
>
> From what I understand, this setup is not providing
> defense in depth, at least not full defense in depth
>
> I wanted to create a DMZ on the second firewall, and
> move servers that host "HTTPS" pages to this new DMZ
>
> Would this new setup improve the security of the
> network?
>
> Thanks for comments,
>
> Ronish
>
>
> __________________________________
> Do you Yahoo!?
> Yahoo! Mail - You care about security. So do we.
> http://promotions.yahoo.com/new_mail
>
--
Gautam R. Singh
PGP Key: http://gautam.techwhack.com/key/
---some stupid disclaimer below---
The information contained in this message is confidential and intended
only for the use of the individual or entity identified. If the reader
of this message is not the intended recipient, any dissemination,
distribution or copying of the information in this message is strictly
prohibited. If you have received this message by error, please notify
the sender immediately.
---stupid comments go here---
+91 nine billion eight hundred and forty eight million, five hundred
and twenty five thousand seventy four
Why dont u host webservers between the two firewalls instead of
putting it in 2nd firewalls dmz? that should provide you with more
flexiblility? as when you add new servers you will have to configure 1
firewall & thus the configurations would be simplified.
The security depends on how "well you configure" the firewalls to
protect your network.
Regards,
Gautam
http://gautam.techwhack.com
i am lookin for a job :P
On Wed, 27 Oct 2004 00:33:45 -0700 (PDT), Ronish Mehta
<sf_mail_sbm (at) yahoo (dot) com [email concealed]> wrote:
>
> Hi List,
>
> I have a network setup with 2 firewalls
>
> There is a DMZ on the Internet facing firewall
>
> The servers on this DMZ contains servers that host
> both "http" and "https" pages
>
> There are no DMZ on the second firewall
>
> From what I understand, this setup is not providing
> defense in depth, at least not full defense in depth
>
> I wanted to create a DMZ on the second firewall, and
> move servers that host "HTTPS" pages to this new DMZ
>
> Would this new setup improve the security of the
> network?
>
> Thanks for comments,
>
> Ronish
>
>
> __________________________________
> Do you Yahoo!?
> Yahoo! Mail - You care about security. So do we.
> http://promotions.yahoo.com/new_mail
>
--
Gautam R. Singh
PGP Key: http://gautam.techwhack.com/key/
---some stupid disclaimer below---
The information contained in this message is confidential and intended
only for the use of the individual or entity identified. If the reader
of this message is not the intended recipient, any dissemination,
distribution or copying of the information in this message is strictly
prohibited. If you have received this message by error, please notify
the sender immediately.
---stupid comments go here---
+91 nine billion eight hundred and forty eight million, five hundred
and twenty five thousand seventy four
[ reply ]