Richard,
I am also currently pursuing an Internet connection for my company. At
first I chose a configuration similar to the one you have explained below;
however, after studying different material related to firewalls I soon found
out that this configuration can be dangerous ( in my opinion ). Basically,
once you connect that gate machine with dual interfaces to your Internal
backbone you are extending your " Trusted Computing Environment " into you
internal network. So in other words, you no longer have an isolated
" Trusted Computing Environment ". It is true that most of the literature
that I have read mentions the " Dual - Homed Gateway ", but it is my
understanding that this is not at all secure. You might be interested in
reading the paper by Marcus Ranum " Thinking About Firewalls ", it helps
explain the pros and cons of the different firewall configurations. It can
be found at csrc.ncsl.nist.gov:/pub/secpubs/fwalls.ps.
Good luck,
Aaron
aaron @
sdt .
com
P.S. I am a beginner, so if what I have stated is faulty do not hesitate
to correct me.
On Jun 29, 3:27pm, "Vegsund, Richard" wrote:
> Subject: Help!
>
> Someone recommended ( within my company ) to set up a configuration that is
> basically a router connected to the internet ( no filtering), a outside
> gateway with 2 ethernet cards(one going to an internal router, and the other
> going to the internal backbone), and no inside application gateway. Please
> help me explain what is wrong with this one. I know something's not right,
> but I didn't know how to communicate this.
>
>-- End of excerpt from "Vegsund, Richard"
References:
-
Help!
From: "Vegsund, Richard" <MISRHV @
infosvcs .
tmh .
tmc .
edu>
|
|
