[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Switch vs Hubs and VLANS
VLANS are the minimum you should consider for separating your DMZ from your outside interface. However, I wouldn't go this way as your security architecture is then dependent on the quality/performance of your switch manufacturers implementation of VLAN segregation. Your expensive firewall could be circumvented by exploiting a bug in a relatively cheap switch. You also have the additional risk of maintaining your VLAN configuration Given the cost of a couple of IP440s and annual software /hardware maintenance, why take such a risk. Just buy two switches. Regards, Keven -----Original Message----- From: McDougle, Clovis-PxL [mailto:[email protected]] Sent: 28 January 2002 09:32 To: [email protected] Subject: [FW-1] Switch vs Hubs and VLANS I have a pair of Nokia IP440 setup with VRRP running FW1 V4.1 I have been told that using a switch instead of a hub is more secure, can someone please confirm if this is so. Also If I use a switch, can I use VLANS, so I can setup half the switch for my DMz and half for the outside Interfaces. Regards ________________________________________________________________________ Clovis Alexander McDougle New Technologies Manager, Computer Services Tel: +44 (0) 1303 236750, E-mail: [email protected] Portex Limited, Hythe, Kent CT21 6JL, UK Incorporated in England under No:362847 Registered office: 765 Finchley Road, London NW11 8DS, UK This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the intended recipient please notify us immediately by telephoning and asking for me. You should not copy it or use it for any purpose and not disclose it to anyone else. This E-mail is not intended to constitute a commitment or an offer to enter into a contract by Portex Limited or affiliated company. ******************************************************************** This email may contain information which is privileged or confidential. If you are not the intended recipient of this email, please notify the sender immediately and delete it without reading, copying, storing, forwarding or disclosing its contents to any other person Thank you Check us out at http://www.syntegra.com ******************************************************************** ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|