1. does a firewall need or prefer to be managed by the external or internal
interface, or does it matter?
It depends on what your are trying to accomplish?
Global Centralized Management of all firewalls?
It also depends on the architecture of the firewalls..
Is your management station on the internal or external side of the firewall?
Please input a little more information...
2. Is dns accessed at all, when fwd is running, to determine an object's ip
address or does it just use the ip address that is defined for the object?
I am not completely sure on this issue, but I would assume that once the
firewall has the IP address for a object defined it wouldn't need to query
DNS.
When setting up the object it might, if you click the get IP address box.
Seems like you are a little unfamiliar with the concepts of Firewall-1
I would recommend the following sites for more information:
www.phoneboy.com/fw1
http://www.enteract.com/~lspitz/
The checkpoint manuals might help some also, but beware of incomplete and
erroneous information.
Best Regards,
Fabian J. Oliva
Security Consultant
Sprint Enterprise Network Services
CCSE MCSE CCNA N+
"My opinions are purely my own and not of my employer, client, their sister,
brother or cousins friends brothers roommate, or anyone named Fred"
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
