Security Basics mailing list archives

RE: Firewall positioning in Large Network

From: "David Gillett" <gillettdavid () fhda edu>
Date: Wed, 20 Jun 2007 12:34:59 -0700

  Generally, a firewall is a policy enforcement device, and so
what policy you're enforcing will dictate placement.

  The vast majority of firewalls are designed to provide border 
gateways between networks with different policies, so knowing
where your gateways/routers are placed will offer a strong clue 
to where the firewall(s) will be most effective.

David Gillett

-----Original Message-----
From: listbounce () securityfocus com 
[mailto:listbounce () securityfocus com] On Behalf Of Mubin Shaikh
Sent: Wednesday, June 20, 2007 4:34 AM
To: security-basics () securityfocus com
Subject: Firewall positioning in Large Network

Hi,

Question - 

What is the best logical placement for firewall in large network?

If I have 3000+ user organisation with both core and access 
switch available, will i connect my firewall to core switch 
or access switch ? and why ?

Thanks
-Mubin

______________________________________________________________
______________________
Fussy? Opinionated? Impossible to please? Perfect.  Join 
Yahoo!'s user panel and lay it on us. 
http://surveylink.yahoo.com/gmrs/yahoo_panel_invite.asp?a=7

Current thread:

Firewall positioning in Large Network Mubin Shaikh (Jun 20)
- Re: Firewall positioning in Large Network Ansgar -59cobalt- Wiechers (Jun 20)
- RE: Firewall positioning in Large Network Hargiss, Jeff (Jun 20)
- RE: Firewall positioning in Large Network David Gillett (Jun 20)
- RE: Firewall positioning in Large Network Steve Armstrong (Jun 20)
  - RE: Firewall positioning in Large Network Mubin Shaikh (Jun 22)
    - RE: Firewall positioning in Large Network Jesse Eaton (Jun 22)
- RE: Firewall positioning in Large Network Hesham Sabry (Jun 20)
- Re: Firewall positioning in Large Network Brian Laing (Jun 28)
- <Possible follow-ups>
- Re: Re: Firewall positioning in Large Network evilwon12 (Jun 20)