I need to setup a firewall solution for our network. I've been reading the
HOWTO's, and this mailing list and several other sources, but I'd like to
get a little human advice and expereince.
internet---router/firewall1---+---router/firewall2---Internal
| network
+--Mail/DNS (secondary)
|
+--Proxy/DNS (Primary)
the above is what I've seen to be the best method to use, were firewall1
would use filters and IP masq and only allow the Mail and Proxy addresses
through to the Internet.
the second firewall(2) would use some elaborate type of firewalling using
filters, IP masq, IP chains, etc.
my questions are:
1. is it safe to combine the Proxy with a firewall? or keep firewalls as
single application machines?
2a. do IP filter, Chains, MASQing work as well as say commercial solutions
such as Checkpoint's firewall-1 package?
2b. if not, then is there some cheaper solution than firewall-1 that runs on
LINUX? (firewall-1 does not according to checkpoints website)
3. is firewall2 needed (I assume we could live without this, but I believe
this is the most secure)
any advice is greatly appreciated,
thanks,
--Ben Burnett
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
