Well depends on how you look at things.
With Checkpoint FW-1 even you have 3 NICs you can look something like:
internet-fw-dmz
internet-fw-internal
internal-fw-dmz
dmz-fw-internal
so every connection between NICs actually goes trough firewall. (That is
why you have Inbound, Outbound, Eitherbound applied rules for packets.)
What I am trying to say is: packets traversing from one interface to
another has to pass firewall. So you actually have sort of 3 firewalls
(one between each card).
Regards,
Iztok
> -----Original Message-----
> From: Allan Pratt [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, January 25, 2001 10:28 AM
> To: [EMAIL PROTECTED]
> Subject: [FW1] If a single firewall with 3 NIC's a considered a DMZ?
>
>
>
>
>
> Hi,
>
> Please help settle some confusion.
>
> If a single firewall with 3 NIC's a considered a DMZ?
>
> I always thought that a DMZ was:
>
> Internet Access router <=> web/ftp servers & Bastion host
> <=> Firewall
>
> or better yet...........
>
>
> Internet Access router <=> Firewall <=> web/ftp servers &
> Bastion host
> <=> Firewall
>
>
> Please clarify
>
> Thanks.
>
>
>
>
> _________________________________________________________________
> Get your FREE download of MSN Explorer at http://explorer.msn.com
>
>
>
> ==============================================================
> ==================
> To unsubscribe from this mailing list, please see the
> instructions at
> http://www.checkpoint.com/services/mailing.html
> ==============================================================
> ==================
>
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
