> Your network security folks are smoking the big crack rock. Indeed, but they also have HIPPA regs to worry about, so it's only moderately large hallucinogen blocks.
> > Anyhow, here's how you'd do that other thing I was talking about > Switch -----------FW--------------Switch > OSA OSA > Tier One GW Tier Two GW > GLAN GLAN > Tier One Hosts Tier Two Hosts > [...] > It works, but it pushes a lot of traffic off the box that doesn't ever > need to leave the frame. You might also look at the IEEE VLAN support. If the switches can support 802.11p VLAN trunking, that would give you a chance at having the necessary connection density to support all those trips in and out of the box w/o going completely bankrupt buying OSAs. Trouble is, very few of the commercial firewalls can handle .11p directly, so you get to buy a lot of firewall hardware for (as Alan said) little benefit. -- db
