RE: [FW1] Best Practices for managing a firewalls

Reed Mohn, Anders Wed, 23 Aug 2000 06:28:51 -0700

I always thought the theory was:

Any service can be compromised. Therefore we should
keep the number of services on the FW to a
minimum.

Cheers,
Anders :)


> -----Original Message-----
> From: Joerg Oertel [mailto:[EMAIL PROTECTED]]
> Sent: 23. august 2000 15:05
> To: [EMAIL PROTECTED]
> Subject: Re: [FW1] Best Practices for managing a firewalls
> 
> 
> 
> ON Wed, 23 Aug 2000 08:48:52 -0400, Robert MacDonald wrote:
> 
> >It may have been in reference(don't remember)
> >to not running any other applications _on_ the
> >firewall. But instead, use another system to do
> >the anti-vius scanning.
> >
> >Robert
> 
> Noone could explain in detail yet, why it's not recommended 
> to run the 
> CVP server on the firewall machine. When you have enough mem 
> (machines 
> never swapping), enough CPU power (over 90% idle time), enough 
> bandwidth in the network (10-15 % utilization) and fast disks (for 
> excessive logging and accounting), where should the bottleneck be?
> 
> Sounds to me like a modern urban myth.
> 
> Or is there anybody who can provide us with further insight?
> 
> Regards,
> 
> J�rg
> 
> 
> // pallas  GmbH  ............  Joerg Oertel  ...........
>    Hermuelheimer Str. 10       System engineer                   
>    D-50321 Bruehl, Germany     [EMAIL PROTECTED]           
>                                phone  +49-(0)2232-1896-0 
>    http://www.pallas.de        fax   +49-(0)2232-1896-29
> ........................................................
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> >
> >- -
> >Robert P. MacDonald, Network Engineer
> >e-Business Infrastructure
> >G o r d o n   F o o d    S e r v i c e
> >Voice: +1.616.261.7987 email: [EMAIL PROTECTED]
> >
> >>>> Raymond Cheung <[EMAIL PROTECTED]> 8/23/00 1:58:14 AM >>>
> >>
> >>Dear Sirs,
> >>
> >>This is a reply of the mail "Best Practices for
> >>managing a firewalls" I saw it on the mailing.
> >>
> >>In this topic, there is a point that not run any
> >>anti-virus.  Why ?
> >>
> >>thks,
> >>
> >>Raymond Cheung
> >
> >
> >
> >
> >=====================================================================
> ===========
> >     To unsubscribe from this mailing list, please see the 
> instructions at
> >               http://www.checkpoint.com/services/mailing.html
> >=====================================================================
> ===========
> 
> 
> 
> ==============================================================
> ==================
>      To unsubscribe from this mailing list, please see the 
> instructions at
>                http://www.checkpoint.com/services/mailing.html
> ==============================================================
> ==================
> 


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================
RE: [FW1] Best Practices for managing a firewalls

Reply via email to
