
| Subject: | RE: Firewall positioning in Large Network |
|---|---|
| Date: | Fri, 22 Jun 2007 20:29:34 +0200 |

Then your answer is a relatively simple one. Your firewall should be placed at the Gateway, on your link to your upstream service provider.

Of course, the important part now is to sit down and write out a configuration plan to address what services/ports or nodes need specific access out to the external network, and maybe more importantly what service/port traffic you will allow in and to what machines. Do you serve public web pages, for instance?

If your organization doesn't have any branch networks or VPN clients, for instance, then that inbound traffic should be pretty limited...

Hope this helps.

-Jesse

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On Behalf Of Mubin Shaikh
Sent: Thursday, June 21, 2007 5:47 PM
To: Steve Armstrong; security-basics@securityfocus.com
Subject: RE: Firewall positioning in Large Network

Hi,

There is a flat network (no VLAN). This firewall is the ONLY firewall in the network. This firewall's main function is to protect the internal network (trusted LAN) from the external world (internet). All the users are in the LAN.

Hope I am able to put all required information.

Regards
-Mubin

--- Steve Armstrong <stevearmstrong@logicallysecure.com> wrote:

Mubin

Sorry for being curt, but I think we would need a little more information as to what you are trying to protect and from whom. Firewalls are designed to separate LANs of differing risk and user groups, but your email seems to lack <any> clarification of where your users sit in relation to the data you wish to protect.

Steve A

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On Behalf Of Mubin Shaikh
Sent: 20 June 2007 12:34
To: security-basics@securityfocus.com
Subject: Firewall positioning in Large Network

Hi,

Question - What is the best logical placement for a firewall in a large network?

If I have a 3000+ user organisation with both core and access switches available, will I connect my firewall to the core switch or the access switch? And why?

Thanks
-Mubin