[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] If a single firewall with 3 NIC's a considered a DMZ?

To: "Allan Pratt" <[email protected]>, <[email protected]>
Subject: RE: [FW1] If a single firewall with 3 NIC's a considered a DMZ?
From: "Iztok Umek" <[email protected]>
Date: Thu, 25 Jan 2001 11:39:25 -0500
Sender: [email protected]
Thread-Index: AcCG6wtvlXZe63YaSXqBauS88EnxWgAANk3A
Thread-Topic: [FW1] If a single firewall with 3 NIC's a considered a DMZ?


Well depends on how you look at things.

With Checkpoint FW-1 even you have 3 NICs you can look something like:

internet-fw-dmz
internet-fw-internal
internal-fw-dmz
dmz-fw-internal

so every connection between NICs actually goes trough firewall. (That is
why you have Inbound, Outbound, Eitherbound applied rules for packets.)

What I am trying to say is: packets traversing from one interface to
another has to pass firewall. So you actually have sort of 3 firewalls
(one between each card).

Regards,
	Iztok

> -----Original Message-----
> From: Allan Pratt [mailto:[email protected]]
> Sent: Thursday, January 25, 2001 10:28 AM
> To: [email protected]
> Subject: [FW1] If a single firewall with 3 NIC's a considered a DMZ?
> 
> 
> 
> 
> 
> Hi,
> 
> Please help settle some confusion.
> 
> If a single firewall with 3 NIC's a considered a DMZ?
> 
> I always thought that a DMZ was:
> 
> Internet Access router <=>  web/ftp servers & Bastion host    
>  <=>  Firewall
> 
> or better yet...........
> 
> 
> Internet Access router <=> Firewall <=>  web/ftp servers & 
> Bastion host     
> <=>  Firewall
> 
> 
> Please clarify
> 
> Thanks.
> 
> 
> 
> 
> _________________________________________________________________
> Get your FREE download of MSN Explorer at http://explorer.msn.com
> 
> 
> 
> ==============================================================
> ==================
>      To unsubscribe from this mailing list, please see the 
> instructions at
>                http://www.checkpoint.com/services/mailing.html
> ==============================================================
> ==================
> 


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: RE: [FW1] Network monitor
Next by Date: RE: [FW1] OWA
Prev by thread: RE: [FW1] If a single firewall with 3 NIC's a considered a DMZ?
Next by thread: RE: [FW1] If a single firewall with 3 NIC's a considered a DMZ?
Index(es):
- Date
- Thread