Re: best corporate firewall

Fredo La Malice Tue, 21 Nov 2000 23:42:24 -0800
It's an architecture problem.

At first you have to definite each subnet. You put on head a hub or a 
switch(better solution) on each subnet.
After that, you put a switch or several of them if needed at the head of
 all switches and you create VLANs to separate every subnets. 
And behind this switch you put a firewall and a router to go through the
 internet.

                          INTERNET
                              |  
                              |
                            ROUTER
                              |
                              |
                           FireWall
                              |
                              |
                          SWITCH(es) with VLAN
            -----------------------------------------
            |        |            |          |      |     ......
           Switch   Switch      Switch     Switch  Switch
           |         |            |          |      |
           Subnet    Subnet       Subnet     Subnet Subnet 

It's a basic architecture but build an architecture on a mailing list is
 not the best way.

Fredo La Malice.


>In a message dated 11/21/2000 7:08:10 AM Pacific Standard Time, 
>[EMAIL PROTECTED] writes:
>
>>  You can have 40 seperated networks on a Sidewinder
>>  (www.securecomputing.com).  The software can handle up to ten 
network cards
>>  with four ports per card.  You would need to do some interesting 
acls but
>>  it is very possible.  I don't have a clue what the performance would
 be and
>>  doing this with any real firewall is going to be a support 
nightmare.
>
>    So this is a software solution. Very nice!
>    But... does the PC bus supports such a need for bandwidth? (40...50
 Fast 
>Eth, plus the filtering stuff, plus logging and maybe some other 
things)
>    I've heard that some people were trying to build such "software 
>firewalls" using PCs and Linux, *BSD or some other nice OS, but the 
problem 
>was always if the PC is actually able to support such a high traffic 
when you 
>really have ^many^ interfaces.
>
>    Is there anyone who succeeded to put many interfaces in a PC 
(running 
>Linux or *BSD)? I mean, at least 16...20 Fast Eth... I see at least two
 
>problems here:
>    1. how many PCI cards can you actually fit into a PC box? 5? 6?
>    2. those nice 4-interfaces-per-card from Intel - are they actually 

>supported by the chosen OS?
>
>-- 
>Sandman
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
>
>
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
Re: best corporate firewall

Reply via email to
