Jpmalai: A DMZ is generally a sort of 'buffer zone' between a private network and the Internet. They are established to provide a way to make limited amounts of information available to the 'public' while preserving the security of a corporate network. In general, they are set up so that requests for information (web pages, etc.) go to a separate area (machine). This machine typically has limited contact with the corporate network (information on the web server might be 'pushed' to the server by a specific machine/process on the corporate network) to prevent hackers/crackers from gaining unauthorized access to resources on the corporate network. The three card firewall allows machines in the DMZ to be located on a different network segment from the production environment, thus isolating them more effectively. The three card concept also allows (among other things) the production network to be effectively isolated from the public network, since the only 'visible' address would be the card connected to the internet. The firewall would be responsible for analyzing requests made to the 'public' address and routing them to the appropriate resource (generally on the DMZ). Hope this helps your understanding a little. I'm sure others will chime in with more info and/or references/sites to help you. Regards, Tom Web Developer, HealthFirst (212) 801-6214 ============================================== The opinions contained herein are mine and mine alone. I am fortunate that HealthFirst allows me to express them to you, but they are not responsible for what I say. ============================================== - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
