Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Defense in Depth

from [Gautam R. Singh] Network Security [Permanent Link]
Subject: Re: Defense in Depth
Date: Wed, 27 Oct 2004 22:27:38 +0530 
Hi Ronish,

Why dont u host webservers between the two firewalls instead of 
putting it in 2nd firewalls dmz? that should provide you with more
flexiblility? as when you add new servers you will have to configure 1
firewall & thus the configurations would be simplified.

The security depends on how "well you configure" the firewalls to
protect your network.

Regards,
Gautam

http://gautam.techwhack.com
i am lookin for a job :P 

On Wed, 27 Oct 2004 00:33:45 -0700 (PDT), Ronish Mehta
<sf_mail_sbm@yahoo.com> wrote:


Hi List,

I have a network setup with 2 firewalls

There is a DMZ on the Internet facing firewall

The servers on this DMZ contains servers that host
both "http" and "https" pages

There are no DMZ on the second firewall

From what I understand, this setup is not providing
defense in depth, at least not full defense in depth

I wanted to create a DMZ on the second firewall, and
move servers that host "HTTPS" pages to this new DMZ

Would this new setup improve the security of the
network?

Thanks for comments,

Ronish


__________________________________
Do you Yahoo!?
Yahoo! Mail - You care about security. So do we.
http://promotions.yahoo.com/new_mail




-- 
Gautam R. Singh
PGP Key: http://gautam.techwhack.com/key/

---some stupid disclaimer below---
The information contained in this message is confidential and intended
only for the use of the individual or entity identified. If the reader
of this message is not the intended recipient, any dissemination,
distribution or copying of the information in this message is strictly
prohibited. If you have received this message by error, please notify
the sender immediately.

---stupid comments go here---
+91 nine billion eight hundred and forty eight million, five hundred
and twenty five thousand seventy four
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Is this normal?, Kenneth R Swain II
Next by Date:  Re: Client End Firewalls, GuidoZ
Previous by Thread:  Re: Defense in Depth, Kenneth R Swain II
Next by Thread:  Re: Defense in Depth, Ravi Kumar
Indexes:  [Date] [Thread] [Top] [All Lists]