Re: Advise: protect LAN from two non-trusted networks

From: ELE OLO (dingtan_at_eleolo.com)
Date: 09/30/03


Date: 30 Sep 2003 08:15:43 -0700

Hi, Bob,

I think that the NetScreen 200 series products, and I think also the
NS-25/50 products [with the ScreenOS 3.1 or later - labelled as E1-E4]
have the flexibility built in for you to configure multiple UNTRUST
interfaces into ONE single appliance.

I think prior to OS 3.1, only ports 1-3 are active for NS-25.

Dean, NCSA,CCSA,SANS GSEC,EIT

"Bob Walker" <r042wal@no.spam.sympatico.ca> wrote in message news:<eE4eb.525$r.226144@news20.bellglobal.com>...
> I am working on a project that involves merging a Federal network with a
> local police LAN. Before the Federal network will merge, the local LAN has
> to be secured with an EAL4 rated firewall appliance.
>
> The local police LAN is only 8 workstations. The LAN is connected to the
> Internet with a router. The LAN is also connected to the Provincial network
> which is also not secure. I have to secure this network before the federal
> network is merged and I don't have a lot of money at my disposal.
>
> I would like to use Netscreen appliances such as the 5XP, but near as I can
> determine, I am going to need an appliance to protect the LAN from the
> Internet and an appliance to protect the LAN from the Provincial network.
>
> Some police agencies have used Cisco PIX 500 series appliances, and it has
> also been suggested that I consider an appliance with two untrusted
> interfaces although I have not found any.
>
> I am open to any suggestions.
>
> TIA


