Carol, We have a solution where by we set RealSecure up on a VLAN in a DMZ, using our switching and chassis technology. E-mail me if you would like a PowerPoint illustration or further information. Paul [EMAIL PROTECTED] www.intrusion.com HerbalGypsy/justbobthebard wrote: > > TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to > [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems! > ---------------------------------------------------------------------------- > > I would not recommend bypassing the FW with the RS link. > I would not recommend passing the traffic thru the fw. > I would recommend either using the console and engine on that box > or a dedicated console for that one segement of IDS. > just bob > > [EMAIL PROTECTED] wrote: > > > > TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to > > [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems! > > ---------------------------------------------------------------------------- > > > > I would like to put a Real Secure engine on my DMZ and am considering using the > > dual NIC stealth mode setup. The unbound NIC would monitor the DMZ traffic and > > report back to the internal console through an addressed NIC attached to an > > internal segment inside the firewall. While this seems pretty secure, I am > > still bothered by the fact that I would be opening up another pipe from the DMZ > > to the internal network completely bypassing the firewall. > > > > I'm also considering just modifying firewall rules to pass the Real Secure > > traffic between the external engine and the internal console. This too makes me > > somewhat uncomfortable. > > > > I would appreciate any advice on monitoring an external DMZ engine? > > > > Thanks! > > > > Carol Stettler > > GPU Energy
begin: vcard fn: Paul Robinson n: Robinson;Paul org: ODS Networks, Inc. adr: 8400 Normandale Lake Blvd., Suite 920;;;Minneapolis;MN;55437;USA email;internet: [EMAIL PROTECTED] title: Regional Sales Manager, Central West tel;work: 612.921.8510 tel;fax: 612.921.8518 tel;home: 612.308.5822 (Cell) note: www.intrusion.com x-mozilla-cpt: ;0 x-mozilla-html: FALSE version: 2.1 end: vcard
