'Re: Firewall positioning in Large Network'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       security-basics
Subject:    Re: Firewall positioning in Large Network
From:       Brian Laing <brian () Redseal ! net>
Date:       2007-06-27 17:41:19
Message-ID: C2A7EF4F.199D1%brian () Redseal ! net
[Download RAW message or body]

Mubin,
    This is a tough question to answer without a better understanding of
your network and the various services running on it.  It also comes down to
a security methodology of do you want physical or logical separation.  For
example I prefer to have the perimeter devices as physically separate as
possible.  I have seen people connect their boarder router, F/W, and dmz
severs all onto the same core switch.  This just scares me.  I typically
like the boarder router and fw on one smaller switch and dmz on a second,
then core on a 3rd.  Not all environments can due this.
    you may want to take a look at our website http://www.redseal.net  I
would be happy to hook you up with a demo of our software, I would even do a
webex once you have it up and running to help you with this question.  Let
me know if your interested.

Cheers,
Brian

--------------------------------------------------------------------
Brian Laing
Chief Security Officer
Cellphone:  +1 650.280.2389
Office:     +1 (888) 845-8169 Ext. 805
Email: brian@redseal.net

Redseal Systems  http://www.redseal.net
 
Instant Visibility.  Threats Averted.
-------------------------------------------------------------------



From: Mubin Shaikh <mubines@yahoo.com>
Date: Wed, 20 Jun 2007 04:34:04 -0700 (PDT)
To: <security-basics@securityfocus.com>
Subject: Firewall positioning in Large Network
Resent-From: <security-basics-return-44888@securityfocus.com>
Resent-Date: Wed, 20 Jun 2007 11:28:53 -0600 (MDT)

Hi,

Question - 

What is the best logical placement for firewall in
large network?

If I have 3000+ user organisation with both core and
access switch available, will i connect my firewall to
core switch or access switch ? and why ?

Thanks
-Mubin


      
____________________________________________________________________________
________
Fussy? Opinionated? Impossible to please? Perfect.  Join Yahoo!'s user panel
and lay it on us. 
http://surveylink.yahoo.com/gmrs/yahoo_panel_invite.asp?a=7




[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic