There are many possible "correct" answers. The key factor is protecting yourself against the worst case scenario. If you have one firewall with three cards that's only one box for someone to take over. If you use two separate boxes to create your DMZ the hacker has to go through two firewalls to reach your internal network. It is a good idea to have different configurations (firewall type and OS) on each firewall box.
A router on your external border can be used to trim down DoS attacks but shouldn't used as security wall. Another key factor is cost. Unfortunately that's usually the biggest problem for a small company. (Thank you OpenBSD!) Todd -----Oprindelig meddelelse----- Fra: Derrenbacker, L. Jonathan [mailto:[EMAIL PROTECTED]] Sendt: 2. april 2002 20:41 Til: '[EMAIL PROTECTED]' Emne: DMZ - 2 firewalls, or 1 firewall + 1 router I heard that you can make a DMZ with a router and a firewall. Is that a good way to make a DMZ, or should you use 2 firewalls? Thanks in advance.
