Vince/Jim et al:
OTOH, does it not make sense to make your firewall server it's own domain and
then create a one way trust to your network domain (firewall being the trusting
domain and the network being trusted)? That way, you don't have to create all
the users on your firewall box.
You can't do that unless the box is a part of a domain. In this case, it would
probably be the only box on the domain, ergo the PDC.
Regards,
Tom
Web Developer, HealthFirst
(212) 801-6214
==============================================
The opinions contained herein are mine and mine alone. I am fortunate
that HealthFirst allows me to express them to you, but they are not
responsible for what I say.
==============================================
The basic concept is that your Firewall should not be trusted to anything on
your network. The bottom line is that
if you trust your Firewall to your DMZ and your Firewall is compromised, so goes
your DMZ.
Jim Lemieux
Does anyone know why Firewall-1 for NT recommends installing the software on
a workgroup instead of a domain(member server)? If so, won't I have to setup
separate accounts for each user? I'm planning on a DMZ with three NIC cards.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
