Yes, it means implementing more than one firewall as application gateway (if
its an ALG firewall), to protect one corporate subnet from another and from
the Internet.
Syed
>From: "Steven Pierce" <[EMAIL PROTECTED]>
>To: "Eessa Kamal" <[EMAIL PROTECTED]>
>CC: [EMAIL PROTECTED]
>Subject: Re: An eye opener for firewall lovers
>Date: Tue, 29 Aug 2000 19:04:10 -0700
>
>
>Thank you. That was good. One of the questions that I have is the text in
>bold.
>What kind of multiple lines of defense can someone use?? Does this mean
>more then one firewall or just many layers of security.??
>
>The panel also recommended a number of additional steps for "hardening"
>firewalls, including use of strong authentication protocols,
>"anti-spoofing"
>mechanisms and highly restrictive access rules. At the same time, they
>called on the IT community to abandon the "single firewall" model of
>network
>security and implement multiple lines of defense.
>
>
>*********** REPLY SEPARATOR ***********
>
>On 8/29/2000 at 8:54 PM Eessa Kamal wrote:
>
>I am sure the following article is appropriate for this forum...
>
>
>Date: Sun, 13 Aug 2000 19:52:47 PDT
>From: "Peter G. Neumann"
>Subject: Hackers breach Firewall-1
>
>[Source: David Raikow, Sm@rt Partner, 2 Aug 2000
>http://www.zdnet.com/zdnn/stories/news/0,4586,2610719,00.html]
>
>An audience of several hundred network security professionals watched
>with
>rapt attention last week as a trio of hackers repeatedly penetrated one
>of
>the industry's most trusted and popular firewall products -- Checkpoint
>Software's Firewall-1. The demonstration, presented at the "Black Hat"
>security conference in Las Vegas, challenged the widely accepted notion
>that
>firewalls are largely immune to direct attack.
>
><SNIP>**********************************************
>
_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
Share information about yourself, create your own public profile at
http://profiles.msn.com.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
