|
Posted by Security Freak on February 4, 2006, 9:01 pm
If you were Registered and logged in, you could reply and use other advanced thread options
>We have a 'text book' 3-tier ebusiness infrastructure ...
>
>pix -- web server -- netscreen -- app server -- ip tables -- database server
>
>and am considering retiring the ip-tables, moving the pix to that space,and
>using netcontinuum at the perimeter mainly for their ability to provide a
>complete proxy service for the web front-end even to the point of
>terminating ssl ... allowing the first line of ids's to see what's going on.
>
>Comments / experiences would be appreciated.
>
>BernieM
>
>
BernieM
From looking at there diagram at this link
http://www.netcontinuum.com/docLibrary/get.cfm?n=70 I think I would
still want to protect my server and other devices that are behind the
Perimter with another application layer Firewall. I.E.
SidewinderG2--- netcontinuum -- Webserver -- Pix-- Database server
You can put the webserver in its own DMZ and still protect all of your
other clients on another interface.
Might be a little over kill, depending on how important your data is.
Just my .02 cents
| 
XML site map