Firewall and VLAN security design
From: Ahmed Ameen (ahmedameen_at_gmail.com)
Date: 10/31/04
Date: Sun, 31 Oct 2004 02:45:44 +0200
To: security-basics@securityfocus.com
Hi All,
Currently we are redesigning our LAN to include a DMZ zone, and we
need to reach the best security design.
The available equipment is:
1- PIX with 3 NICs
2- L3 Switch
3- N-IDS
My preliminary design is as follows:

     Internet
        |
        |
    ---------
    |  PIX  |____DMZ
    |       |
    ---------
        |
        |
       LAN

     Internet
        |
        |
    ---------
    | NIDS  |____DMZ
    |       |
    ---------
        |
        |
       LAN

     Internet VLAN1
        |
        |
    -------------
    | L3 Switch |____DMZ VLAN2
    |           |
    -------------
        |
        |
       LAN VLAN3

My questions would be:
Is it OK to use a multi-homed firewall, or should I consider 2
physical firewalls? What would be the threat of using one?
Is VLAN segmentation enough to segment between the Internet, DMZ and
the internal network, or should I also use different switches for
each, and be connected through the firewall?
Thanks