There are a couple of different reasons why one might want multiple, physically separate firewalls. In practice, I've found three reasons why this solution is implemented.
The most common scenario that I've found is using two different types of firewalls, one in front of the other (e.g. an SPF a la Checkpoint and an App Gateway a la Axent). The rationale is that if a method is discovered to compromise one type of firewall, it is unlikely to work against a firewall of a different type. This arrangement is a common requirement in military and defense contractor arenas.
The second reason that I've found is related to performance. Generally, in this implementation there are simpler (from a ruleset perspective), higher-performance firewalls (or routers with access lists) on the outside (protecting servers accessed from the net), and slower, more secure firewalls inside (protecting backend functions such as billing and management). This arrangement is common in an ISP/ASP scenario.
Lastly (and most bogus) is when there are separate spheres of administrative control. I usually find this when the people who are in charge of DMZ security are different from (and at odds with) the people doing interior security. Unpleasant, but sometimes necessary.
- Ken
- [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
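The two-tier layout Ken describes for the ISP/ASP case (a short, fast access list at the border in front of public servers, and a tighter policy in front of billing and management) can be modelled as two independent rule sets that a flow has to clear in order. The following Python is an added illustration, not code from the post or from any product named in it; the networks, hosts and services (TEST-NET-3 for the DMZ, 10.10.0.0/24 for the backend, a web server, a mail relay, a billing database, a management host and an admin jump host) are constructed for the example, and the model is stateless, so return traffic and established-connection matching are deliberately out of scope.

```python
"""Two-tier packet-filter model: an outer, router-ACL style tier in front of
the DMZ, and an inner, stricter tier in front of backend services.
A flow is admitted only if every tier it crosses admits it, so the
effective policy is the intersection of the tiers. All addresses and
services are constructed for this example."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Flow:
    ingress: str   # zone the packet arrives from: "internet", "dmz" or "backend"
    src: str       # source IP
    dst: str       # destination IP
    proto: str     # "tcp" or "udp"
    dport: int     # destination port


@dataclass(frozen=True)
class Rule:
    action: str    # "permit" or "deny"
    src: str       # source CIDR
    dst: str       # destination CIDR
    proto: str     # "tcp", "udp" or "any"
    dports: tuple  # allowed destination ports; () means any port

    def matches(self, f: Flow) -> bool:
        return (ip_address(f.src) in ip_network(self.src)
                and ip_address(f.dst) in ip_network(self.dst)
                and self.proto in ("any", f.proto)
                and (not self.dports or f.dport in self.dports))


def evaluate(rules, flow: Flow, default="deny") -> str:
    """First-match evaluation with an implicit deny, like a router ACL."""
    for r in rules:
        if r.matches(flow):
            return r.action
    return default


ANY = "0.0.0.0/0"
DMZ = "203.0.113.0/24"          # public-facing servers (constructed, TEST-NET-3)
BACKEND = "10.10.0.0/24"        # billing and management (constructed)
WEB, MAIL = "203.0.113.10/32", "203.0.113.25/32"
BILLING, MGMT = "10.10.0.5/32", "10.10.0.9/32"
JUMP = "10.10.0.100/32"         # admin jump host inside the backend

# Outer tier: few rules, stateless, meant to run fast on a border device.
OUTER = [
    Rule("deny", "10.0.0.0/8", ANY, "any", ()),      # RFC 1918 source from outside: spoofed
    Rule("permit", ANY, WEB, "tcp", (80, 443)),
    Rule("permit", ANY, MAIL, "tcp", (25,)),
    Rule("deny", ANY, BACKEND, "any", ()),            # nothing from the net reaches the backend
]

# Inner tier: backend reachable only from named DMZ/admin hosts on named ports.
INNER = [
    Rule("permit", WEB, BILLING, "tcp", (5432,)),     # web tier talks to the billing DB only
    Rule("permit", JUMP, MGMT, "tcp", (22,)),         # admin SSH from the jump host only
    Rule("deny", ANY, BACKEND, "any", ()),
]

# Zones are ordered internet | outer tier | dmz | inner tier | backend.
ZONE_ORDER = ("internet", "dmz", "backend")
TIERS = {0: ("outer", OUTER), 1: ("inner", INNER)}   # tier i sits between zone i and i+1


def zone_of(ip: str) -> str:
    a = ip_address(ip)
    if a in ip_network(BACKEND):
        return "backend"
    if a in ip_network(DMZ):
        return "dmz"
    return "internet"


def tiers_crossed(flow: Flow):
    """Tiers a flow traverses, in the order it meets them."""
    a = ZONE_ORDER.index(flow.ingress)
    b = ZONE_ORDER.index(zone_of(flow.dst))
    idx = range(a, b) if a < b else range(a - 1, b - 1, -1)
    return [TIERS[i] for i in idx]


def admit(flow: Flow) -> str:
    """'permit' if every tier on the path permits, else 'deny@<tier>'."""
    for name, rules in tiers_crossed(flow):
        if evaluate(rules, flow) == "deny":
            return f"deny@{name}"
    return "permit"


if __name__ == "__main__":
    samples = [
        Flow("internet", "198.51.100.7", "203.0.113.10", "tcp", 443),  # public web
        Flow("internet", "198.51.100.7", "10.10.0.5", "tcp", 5432),    # net -> billing
        Flow("internet", "10.10.0.100", "10.10.0.9", "tcp", 22),       # spoofed jump host
        Flow("dmz", "203.0.113.10", "10.10.0.5", "tcp", 5432),         # web -> billing
        Flow("dmz", "203.0.113.10", "10.10.0.9", "tcp", 22),           # compromised web -> mgmt
    ]
    for f in samples:
        print(f"{f.ingress:8} {f.src:>14} -> {f.dst:<14} {f.proto}/{f.dport}: {admit(f)}")
```

The point the model makes is that the inner tier only ever sees what the outer tier lets through, and a host that is reachable from the net (the web server) still cannot reach management even if it is compromised, because the inner policy names the jump host rather than the DMZ as a whole. Real deployments add state tracking or established-connection matching on top of this, which the stateless outer tier here does not attempt.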