Scheme for securing LAN
Skylar Thompson
skylar at cs.earlham.edu
Thu Jun 10 19:35:45 PDT 2004
On Wed, Jun 09, 2004 at 02:32:31PM +0300, B.Bonev wrote:
> Hi FreeBSDers, I have a simple question.
>
> What scheme for securing LAN is better?
>
>
>
> Internet
>
> |
>
> Apache _____ FreeBSD ____LAN
>
> Web Server Firewall
>
>
>
> or
>
> Internet
>
> |
>
> FreeBSD
>
> Firewall
>
> |
>
> Apache
>
> Web Server
>
> |
>
> FreeBSD
>
> Firewall
>
> |
>
> LAN
>
>
>
> What are advantages and disadvantages of two?
>
> I know that is much more important how tuned Firewalls, Web Server and workstations behind are.
>
> Is there any difficulty for workstations that should works in Internet, because of two Firewalls?
Not really. You'll have the advantage of a secured DMZ but, the real
question is, do you really need the added complexity? You need to say more
about *why* you want to do this? How many users are you supporting? What's
coming off the web server? etc.
--
-- Skylar Thompson (skylar at cs.earlham.edu)
-- http://www.cs.earlham.edu/~skylar/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20040610/4781f624/attachment.bin
More information about the freebsd-questions
mailing list