Basically it would depend what ur trying to protect, And from whom. For eg: if i am allowing my customers (extranet) to access my servers i would protect even from my internal ppl besides the extranet.
-----Original Message----- From: Garrett Allen [mailto:garrett.allen@;erols.com] Sent: Saturday, October 19, 2002 2:39 AM To: [EMAIL PROTECTED] Subject: firewalls and frame relay [7:55915] not strictly a study topic - more a design topic. when designing a wan and interconnecting multiple sites via frame relay, does it improve overall security posture to place firewalls between the internal networks at each remote location and the frame routers? my thought is that it would not improve security in an appreciable way since traffic is over pvc's between each location. you could traffic shape with the firewall by filtering on the egress but a router access list / extended access list would do the same. also, assume no nat is required between locations (for discussion purposes assume you're using a routable class b address - all nodes assigned unique, routable addresses via dhcp) and internet connections (which are firewalled) are on separate links. this isn't connected to a consulting contract or any other for-pay activity - i'm wrapping-up cit to complete the ccnp and looking towards the ccdp in december and would appreciate your thoughts. thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=55932&t=55915 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]