if you have enough IP-addresses it's not a problem to use public IP-addresses in a DMZ, if you don't have enough IP-addresses you can use NAT to hide several inside-IPs on one external IP.
cheers reinhard
At 16:44 09.09.2003 -0400, you wrote:
We are looking to create a dual firewall environment (external and internal). In the middle will be the DMZ. Are DMZ IP addresses typically hidden from the outside world? Aside from hiding this network from the outside world, are there any additional advantages? I'm assuming that if I'm hiding the DMZ addresses, I will need to NAT them. Are there any security issues to NATing for inbound services (i.e. www)? Or is it recommended to simpy route the DMZ IP addresses?
Thanks in advance
������������������������� Kenneth Lee COGNEX Corporation One Vision Drive, Natick, MA 01760
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
-- Reinhard Stich, ASSIST [EMAIL PROTECTED] Internet Security AG, 1190 Wien, Nussdorfer Laende 29-33 Tel: +43 1 370 94 40 RS784-RIPE Fax: +43 1 370 94 40-10
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
