[NTLUG:Discuss] (no subject)
A.L.Lambert
max at xjack.org
Thu Mar 15 13:40:34 CST 2001
> internet
> |-- public web/mail server
> firewall
> |-- data base server (for web page/application)
> | (can be accessed by public web/mail server?)
> |
> |- internal network (intranet)
>
> on this configuration, the intranet is more secure than the 1st one, but how
> do you protect the web/mail server being attacked?
This is my preferred architecture. Things that speak to the
public internet should be secure enough to live there without a firewall.
Firewalls are for protecting workstations; servers should be configured
securely in the first place. (IMHO, YMMV, etc.).
--
A.L.Lambert
------------------------------------------------------------------------
The problems that exist in the world today cannot be solved by the level
of thinking that created them...
-Einstein
------------------------------------------------------------------------
More information about the Discuss
mailing list