Should I go for a firewall

dvraghavan1_at_yahoo.com
Date: 05/16/05


Date: 16 May 2005 00:40:39 -0700

Hi all,

I am part of the IT team for a SW Company. We develop/maintain SW for a
few customers around the globe. There are abt 1000 employees in the
org.

For security we are using a Checkpoint firewall on the perimeter.

Now to improve security, we are thinking of going for internal firewall
also.

I plan to subnet the network into different projects.
My requirements for the internal firewall is that different project
teams should not access each other network. Also there will be a subnet
where common servers will be located and this should be accessible.
(VPNs for the client networks are handled by checkpoint)

My boss says a L3 switch with ACL should be sufficient for the internal
firewall whereas I feel we should go for a Netscreen / Cisco PIX as the
internal firewall.

Can I get the views of the people here as to the advantages or
disadvantages of these 2 options.
If there is any other suitable option that I am missing pls give that
too.

Thnx in advance.

Venky



Relevant Pages

  • Re: Should I go for a firewall
    ... we are thinking of going for internal firewall ... > I plan to subnet the network into different projects. ... > firewall whereas I feel we should go for a Netscreen / Cisco PIX as the ... > If there is any other suitable option that I am missing pls give that ...
    (comp.security.firewalls)
  • Re: XP-sp2/98SE network problems
    ... I have the internal firewall on the lap top turned off. ... I do not have any other firewalls running. ... problems I had before when I ran the network autoconfig on the XP laptop. ...
    (microsoft.public.windowsxp.network_web)
  • XP attachments not available
    ... I have a network with several different OS and the XP systems will not allow ... certain *.exe email attachments to be received. ... Exchange server settings. ... in the network settings that an internal firewall is being used. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Mail server publishing
    ... > earlier, you don't actually publish resources, per se, you just allow ... network to mail server this works fine. ... should be just to internal firewall. ... I've looked for ports that are listened, but I didn't find 25 port. ...
    (microsoft.public.isaserver)