"The benefit that you get from private addressing is that you can grow your
internal IP networks without worrying about running out of addresses(using
10.0.0.0 for example). Also, You can eliminate the risk of inadvertently
using other networks legitimate addresses." You have to consider the
effort of
changing the IP addresses in the whole network! Some people combine, both
registered IP addresses with private IP addresses. This way you can still
use your existing IP addressing and then add private address for new subnets.
(try to use DHCP).
If you want to connect your private network to the Internet, it is
a good idea to use a firewall.You want to control the access to your
network. Too many hackers out there! Also, because you are not suppose to
advertise RFC1918 to the Internet, you can use the firewall to do Network
Address Translation(NAT). The Cisco PIX is an excellent solution for this
type of network.
I'm working in a project using registered ip addresses, private
ip address, NAT, DHCP and the PIX firewall. If you want to talk about
implementing something similar in your network or if you have
any questions, please don't hesitate to page me:(888)812-2098
____________________________________________________________
INTERNATIONAL NETWORK SERVICES
____________________________________________________________
Frank Santiago Phone: (919)319-0400 x346(INS)
Network Systems Engineer Pager: (888)812-2098
Cisco Certified, CCIE #2651
____________________________________________________________
I LOVE THIS GAME
At 03:00 PM 11/3/97 +0800, M S Szeto wrote:
>Dear all,
>
>Does anybody know if my private network is going to be connected
>to the Internet, what are the most appropriate approach relating to
>network security on using the IP addressing scheme on my private
>network?
>
>If I follow the RFC1918, what are the benefit? Is a firewall
>still be necessary connected between my private network and Internet?
>
>Many thanks.
>
>
References:
|
|
