Funny you should ask that, I just got through looking at an article in
Network Computing on DMZ's. Check it out at
http://www.networkcomputing.com/1214/1214ws1.html
Also just a few opinions. First you really won't need the proxy/firewall if
you get the PIX. Second you will see a big speed increase if traffic doesn't
have to got through the proxy/firewall. Third VPN traffic can terminate on
the PIX or pass through to a VPN concentrator (probably over kill). Just my
2 cents worth.
Scott
On Wed, 4 Jul 2001 06:49:59 -0400, Sammi wrote:
> Hello all,
>
> I'd like to setup a DMZ in the near future and am still pondering
> purchase of a PIX box.
> Our interface to the outside world is through a Cisco 1600.
>
> So the DMZ would go:
>
> 1600 -> PIX -> ? -> ISA box (microsoft proxy/firewall)
>
> I know I don't want the PIX talking directly to the ISA, but not too
> clear what I'm going to put in between, and why (functionality). Our
> webpages are hosted off site by a third party, I would want to keep my
> mail server inside right? I would like to set up VPN in the future,
> should it go through the box between the firewalls?
> The DMZ doesn't simply double the challenge does it? As in "ok, you
> got through one firewall, now try the next".
>
> Any enlightenment greatly appreciated.
_______________________________________________________
Send a cool gift with your E-Card
http://www.bluemountain.com/giftcenter/
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=12036&t=10970
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]