Date: Thu, 22 Nov 2001 12:28:14 -0800 From: Steve Francis <steve@expertcity.com> To: cjclark@alum.mit.edu Cc: Fernando Germano <fgermano@audiotel.com.ar>, security@FreeBSD.ORG Subject: Re: Best security topology for FreeBSD Message-ID: <3BFD5FDE.171EA3A@expertcity.com> References: <00ca01c172aa$814c90d0$ed64a8c0@audi2k> <20011122031739.A226@gohan.cjclark.org>
next in thread | previous in thread | raw e-mail | index | archive | help
"Crist J. Clark" wrote: > A much better design, is > > Internet > | > | > Firewall1 > | > | > DMZ > | > | > Firewall2 > | > | > Internal > > (This design is actually where the term "DMZ" comes from since it > actually looks like one here.) > > And in your case... that many NICs in one machine... I hope you have a > dedicated stand-by. It's screaming "single point of failure." I would > really consider NOT using one machine for all of this. Of course, your design has even more single points of failure.... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3BFD5FDE.171EA3A>