[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] VLAN - a semi-firewall related question

To: <firewalls@lists.gnac.net>
Subject: [FW1] VLAN - a semi-firewall related question
From: "Ivan Fox" <ifox100@hotmail.com>
Date: Thu, 21 Oct 1999 17:26:26 -0400
Sender: owner-fw-1-mailinglist@lists.us.checkpoint.com


It is a semi-Firewall related question.

A firewall for the Extranet allows, say 10 vendors, contractors, to connect
to it.  There are two options that we can think of:

Option 1:
Have 10 NICs in the firewall.  This option is clumsy, but it is secure in
the sense that competitive suppliers cannot sniff each other's data.

Option 2:
A smarter approach, one says.  Have an intelligent switch connecting to a
NIC in the firewall.  Each port of the switch is isolated, a VLAN approach.
Competitive suppliers cannot "peer" into each other's data.

Being a non-router/switch guy.  How can I configure and secure the switch?
I have also heard a router guru mentioned  that, in order to provide
security, we should not use intelligent switch as someone connect to the
console of a switch, he/she can sniff the packets.

Any pointers are appreciated.

Thanks,

C.K.



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] RE: Checkpoint and Citrix - NAT problem --- SOLVED
Next by Date: [FW1] RE: Sun or SCO
Prev by thread: [FW1] RE: Checkpoint and Citrix - NAT problem --- SOLVED
Next by thread: [FW1] CyperCop and alike
Index(es):
- Date
- Thread