> I think that the term DMZ (de-militarized zone which is also called > no-man's land) loses its useful meaning if it is used for a segment on the > inside of a firewall. I know that it is commonly used for a semi-protected > segment on the third NIC of a firewall.
Okay, I think that perhaps there is misunderstanding as to what my *extremely* simple statement meant, due in no small part to its constant intentional misinterpretation on the part of another. *This* is what I was describing: Internet-----Firewall-----DMZ-----Firewall-----<[see below] -----< may be connected to two [or more] different networks- at least one of which is semi-private and the other(s) of which is/are internal. *Therefore*, what you refer to as a DMZ and what I refer to as a DMZ are no different. I term the DMZ as outside the internal firewall. You term the DMZ as outside the *only* firewall. Still a DMZ. The difference is, my DMZ isn't wide open to the Internet, nor are any semi-private segments. Laura _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
