Here's an interesting network/firewall integration issue that I am seeing pop up in multiple areas. One Cisco switching chassis, a two-ported firewall, and two VLANs. One VLAN considered untrusted, one considered trusted; X firewall plugged into each of these logical VLANs with untrusted interface plugged into untrusted VLAN port, etc. In what way is this secure? I am not fond of this setup, but can this be documented secure? Can anyone claim to have circumvented the logical partitioning the VLANs provide (short of having physical access and moving cables or gaining administrative access to the switch and reprogramming)? Looking for fodder to shoot this design spec down and physically separate the security domains or for respected background on the security of doing so.

bc
