On Tue, Sep 07, 1999 at 08:15:00AM +1000, Pearson, Arran wrote:
> this is a good point, time after time I see this type of configuration at
> client sites and have yet to understand the full reasoning behind it - you
> are really using a screening router to protect a firewall? Does not make
> sense.
If has a few advantages.
a) a router before or behind the firewall can be used to do the actual
(dynamic) routingm, can run routing protocols and can be used to connect
quite different medias.
b) a screening router before the firewall can keep a compromised firewall
from sniffing any traffic which is not destinated to the firewall.
Greetings
Bernd
--
(OO) -- [EMAIL PROTECTED] --
( .. ) ecki@{inka.de,linux.de,debian.org} http://home.pages.de/~eckes/
o--o *plush* 2048/93600EFD eckes@irc +497257930613 BE5-RIPE
(O____O) When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
