|
Firewall Wizards
mailing list archives
RE: Per application port DMZ segments?
From: "Wes Noonan" <mailinglists () wjnconsulting com>
Date: Tue, 18 Jan 2005 13:18:26 -0600
-----Original Message-----
From: Paul D. Robertson [mailto:paul () compuwar net]
Sent: Tuesday, January 18, 2005 13:03
To: Wes Noonan
Cc: firewall-wizards () honor icsalabs com
Subject: Re: [fw-wiz] Per application port DMZ segments?
On Tue, 18 Jan 2005, Wes Noonan wrote:
2) The well known issue of VLANs and VLAN hopping
Implementation dependent.
[WJN] Cisco shop, so we all know they have been susceptible in the past...
4) The requirement for entirely too many IP subnets in the DMZ
Supernetting is your friend.
[WJN] Hadn't considered that (mostly because I don't want to consider
anything that enables this design), but that's a good idea if I get forced
down this path...
Hardening Network Infrastructure - A concise how to guide
Shoulda put it in the book ;)
[WJN] I did!!! Unfortunately, they want more than just my "expert" opinion!!
<g>
Thanks Paul.
Wes Noonan
mailinglists () wjnconsulting com
http://www.wjnconsulting.com
Hardening Network Infrastructure - A concise how to guide
Available Now!!
Order at http://tinyurl.com/5852cwhich may have no basis whatsoever in
fact."
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
 By Date 
By Thread
Current thread:
| 
Intro
