Date: Thu, 10 Jun 2004 21:35:22 -0500 From: Skylar Thompson <skylar@cs.earlham.edu> To: "B.Bonev" <b_bonev@mail.orbitel.bg> Cc: freebsd-questions@freebsd.org Subject: Re: Scheme for securing LAN Message-ID: <20040611023522.GA94060@quark.cs.earlham.edu> In-Reply-To: <002201c44e15$e4c34a20$0200a8c0@server> References: <002201c44e15$e4c34a20$0200a8c0@server>
next in thread | previous in thread | raw e-mail | index | archive | help
--AhhlLboLdkugWU4S Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Jun 09, 2004 at 02:32:31PM +0300, B.Bonev wrote: > Hi FreeBSDers, I have a simple question. >=20 > What scheme for securing LAN is better? >=20 > =20 >=20 > Internet >=20 > | >=20 > Apache _____ FreeBSD ____LAN >=20 > Web Server Firewall >=20 > =20 >=20 > or >=20 > Internet >=20 > | >=20 > FreeBSD >=20 > Firewall >=20 > | >=20 > Apache >=20 > Web Server >=20 > | >=20 > FreeBSD >=20 > Firewall >=20 > | >=20 > LAN >=20 > =20 >=20 > What are advantages and disadvantages of two? >=20 > I know that is much more important how tuned Firewalls, Web Server and wo= rkstations behind are. >=20 > Is there any difficulty for workstations that should works in Internet, b= ecause of two Firewalls? Not really. You'll have the advantage of a secured DMZ but, the real question is, do you really need the added complexity? You need to say more about *why* you want to do this? How many users are you supporting? What's coming off the web server? etc. --=20 -- Skylar Thompson (skylar@cs.earlham.edu) -- http://www.cs.earlham.edu/~skylar/ --AhhlLboLdkugWU4S Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFAyRpqsc4yyULgN4YRAjqlAJ9DVnHYutsnuhQfoxSXsd0xCy3L8wCfVRxe /f+0LPCeyyZnnoIUQbYDcLk= =1m6e -----END PGP SIGNATURE----- --AhhlLboLdkugWU4S--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040611023522.GA94060>