On Wed, 7 Jun 2000, Pete Sangas wrote:
> Our company would like to be accessible via two different ISP's where both
> ISP connections are active (not a primary/backup situation).
>
> Does anyone know if this can be accomplished by using two external
> NIC's on a Firewall or is a router required.
Generally you'll want a router so that complex routing daemons don't have
to run on the firewall itself.
> Both Internet connections will be DSL and most likely an NT based
> Firewall will be used (FW-1, Raptor, Gauntlet...etc).
You may find that DSL providers aren't willing to route other's address
space over their media, I'm not sure what the operational issues are
there, but just like LAN admins who don't like running multiple address
spaces on a single subnet, I'd guess that there may be some resistance to
it from the DSL providers (my understanding of DSLAMs is light though,
and I've never worked with a DSL provider in any significant way.)
In either case, you'll need to work with your providers, so you should
talk to at least one of them now. If they can't help explain the
necessities to you you're going to have significant problems when it comes
to operational implementation anyway.
If you're not planning on putting in a screening router or some other
packet filtering device (irregardless of the number of connections),
you're ignoring the long-held notion of defense in depth- do so at your
own risk.
Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
[EMAIL PROTECTED] which may have no basis whatsoever in fact."
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
