On Fri, 7 Jun 2002, Oskar Andreasson wrote: > Another, related, usage is > if we have a redundant firewall (I haven't seen this discussed so far > so.... Consider this: > > 1 main firewall > 1 router > and a secondary firewall. > > The three are set up in a routing zone. If the main firewall goes > down, the router will notice, and route packets through the redundant > firewall. If the NEW target was to allow only SYN packets, this would > be impossible as you can understand from this.
We have been using such a redundant setup for more than a year. It's *not* theoretical. Regards, Jozsef - E-mail : [EMAIL PROTECTED], [EMAIL PROTECTED] WWW-Home: http://www.kfki.hu/~kadlec Address : KFKI Research Institute for Particle and Nuclear Physics H-1525 Budapest 114, POB. 49, Hungary
