-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This is a common misconception. One of our network guys insists that
the proxy server go "around" the firewall.
Just setup your firewall policy to allow only the proxy to perform
http requests (any ftp, etc). This forces users to use the proxy. In
this case you are using the proxy for bandwidth savings and more
enhanced logging/prevention capabilities. The security is based in
the firewall.
The "proxy" call just means that the web server is making the request
rather than the individual PC.
Hope this helps.
- -----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Carric Dooley
Sent: Tuesday, June 29, 1999 10:45 AM
To: Firewalls List
Subject: HTTP Proxy and FW
[snip]
Here is where I am not totally sure after thinking about it. Can the
proxy server have just one NIC (then how does it proxy?) or do I have
to
subnet the firewall from my Proxy server and put two NIC's in it?
[snip]
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.0.2 for non-commercial use <http://www.pgp.com>
iQA/AwUBN3kPnmtWe+X8gcI5EQK0mQCfa1yHAlQ2OgNL5Pcq2D0lXAhj7RAAoIVp
SluNX8kGp8w0WoQ1UPrRJi89
=hp8L
-----END PGP SIGNATURE-----
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
