> 4. A firewall is a firewall. You can setup rules for either interface. > Since this server is a hosting a web site as well, I assume he requires > FTP access to modify his web content. Regardless, most firewalls are > only layer 4 aware and thus allow you to only close or open ports for > access; they do not care what traffic you are passing on those ports. > Some sort of IPS system is required to analayze traffic on layers 5-7 > and mitigate attacks as they are occuring.
Your problem Jay is you are making a blind assumption that when he said "This server is on the public side of CISCO PIX515E Firewall" that the server is indeed protected by the firewall. My interpretation of his statement is that the server is not behind the firewall and has no firewall between it and the Internet. For you to go on about what a firewall does and does not do is worthless in this discussion since it has no bearing what so ever on the point in question. The terms "public" and "private" when used when talking about a firewall generally mean zones or interfaces of the firewall, public meaning the Internet or WAN or otherwise unprotected side and the private meaning the Intranet or LAN or otherwise the protected side of the firewall. Greg will have to post a clarification of what exactly he means by his statement. GEES! John T eServices For You "Seek, and ye shall find!" To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
