Good Morning,
I have one problem after last discussion with our IS group. See the diagram
M1 M2 M3 Mn
__|_____|____|___..............__|__ ( IP range A.x.0.0 ) ----->
Class A addresses
|
|
Firewall software ( TIS is being proposed)
|
Router ( packet filtering)
|-------------------------------------------------------------> DNZ is
proposed here as a common point of two network with sniffer to avoid traffic
to another side.
........................|...................................................
............................................................................
.....................................................
|
NT Server ( the Server will access the shared drive and user
access list of Master domain ) A.1.y.0
( This is server for machine M1, M2...Mn and print server
etc.)
|
|
NT Master server .. A.1.z.0
Note : The blue area is client side and red area is under IS group, who
doesn't want anybody to access a machine ( except Exchange server, internet
server, DNS, and shared drive on Master server ) beyond Router and vice
versa.
am I clear ?? I m little bit confused with proposed idea. My Question is ..
1> is it possible that NT server outside of Firewall can do its job.
2> Security is an issue but nor priority for IP A.x.0.0 but it is highly
important for A.1.0.0 (red part). Is the idea is ok ??
3> Do we need TIS ( or any you think better ??) or just a Cisco router 3640
with IOS firewall based on packet filtering is enough for security of
A.x.0.0.
I need your suggestion please.
Thanks a lot for your time.
Sanjeev
>
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
