[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [FW1] If a single firewall with 3 NIC's a considered a DMZ?
- To: "Allan Pratt" <[email protected]>, <[email protected]>
- Subject: RE: [FW1] If a single firewall with 3 NIC's a considered a DMZ?
- From: "Iztok Umek" <[email protected]>
- Date: Thu, 25 Jan 2001 11:39:25 -0500
- Sender: [email protected]
- Thread-Index: AcCG6wtvlXZe63YaSXqBauS88EnxWgAANk3A
- Thread-Topic: [FW1] If a single firewall with 3 NIC's a considered a DMZ?
Well depends on how you look at things.
With Checkpoint FW-1 even you have 3 NICs you can look something like:
internet-fw-dmz
internet-fw-internal
internal-fw-dmz
dmz-fw-internal
so every connection between NICs actually goes trough firewall. (That is
why you have Inbound, Outbound, Eitherbound applied rules for packets.)
What I am trying to say is: packets traversing from one interface to
another has to pass firewall. So you actually have sort of 3 firewalls
(one between each card).
Regards,
Iztok
> -----Original Message-----
> From: Allan Pratt [mailto:[email protected]]
> Sent: Thursday, January 25, 2001 10:28 AM
> To: [email protected]
> Subject: [FW1] If a single firewall with 3 NIC's a considered a DMZ?
>
>
>
>
>
> Hi,
>
> Please help settle some confusion.
>
> If a single firewall with 3 NIC's a considered a DMZ?
>
> I always thought that a DMZ was:
>
> Internet Access router <=> web/ftp servers & Bastion host
> <=> Firewall
>
> or better yet...........
>
>
> Internet Access router <=> Firewall <=> web/ftp servers &
> Bastion host
> <=> Firewall
>
>
> Please clarify
>
> Thanks.
>
>
>
>
> _________________________________________________________________
> Get your FREE download of MSN Explorer at http://explorer.msn.com
>
>
>
> ==============================================================
> ==================
> To unsubscribe from this mailing list, please see the
> instructions at
> http://www.checkpoint.com/services/mailing.html
> ==============================================================
> ==================
>
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================