Well, the concept of a firewall sandwich is not new, but I was really bored and got the itch to tinker!

I've got a lot of excess gear to play with back home, and I just downloaded the Trustix Firewall, so I'm contemplating a triple-decker sandwich consisting of a Cisco 1720, a SonicWall Pro 230, and Trustix Firewall. Yeah, I know... It's ultra-paranoid to think you would need such a setup, but I figured, what the hey!

What I envision is the Cisco 1720 being directly connected to the internet, with the private interface being connected to the SonicWall. From there, the SonicWall's VPN and LAN interfaces will go to a Catalyst on separate VLANs with a Trustix box running Snort on each VLAN.

On the VLAN connected to the SonicWall's LAN port, I'll connect the Trustix Firewall, which will be the perimeter firewall for the LAN. The firewall rules will start out granular at the router, and get tighter and tighter as you move down.


What do you guys think? Anyone else out there ever attempt something so crazy? Just wanted to get you guys' feedback.
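The router / SonicWall / Trustix chain described above, modelled as three first-match packet filters traversed outside-in. This is an added example, not code from the original post and not any of those devices' configuration syntax; the layer names, addresses (RFC 5737 documentation ranges for the outside, 192.168.1.0/24 for the LAN) and rule sets are constructed for illustration, and NAT is ignored so the same inside addresses can be used at every layer. Besides showing that a flow must be permitted by every layer, it includes a check worth running on any layered design: flows an inner layer would permit that an outer layer already drops. Those surface rules written for the wrong layer (the port 3389 permit on the inner box) and places where an inner layer silently relies on the outer one (anti-spoofing only exists at the router, so the inner boxes would pass spoofed private sources if the router were bypassed).

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str                    # "tcp", "udp" or "icmp"
    dport: Optional[int] = None


@dataclass(frozen=True)
class Rule:
    action: str                   # "permit" or "deny"
    src: str                      # source CIDR
    dst: str                      # destination CIDR
    proto: str = "any"            # "tcp", "udp", "icmp" or "any"
    dport: Optional[int] = None   # None matches any destination port

    def matches(self, pkt: Packet) -> bool:
        if self.proto != "any" and self.proto != pkt.proto:
            return False
        if self.dport is not None and self.dport != pkt.dport:
            return False
        return (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(self.dst))


class Layer:
    """One filtering device: first matching rule wins, implicit deny at the end."""

    def __init__(self, name: str, rules: List[Rule]):
        self.name = name
        self.rules = rules

    def decide(self, pkt: Packet) -> str:
        for rule in self.rules:
            if rule.matches(pkt):
                return rule.action
        return "deny"


def traverse(layers: List[Layer], pkt: Packet) -> Tuple[bool, Optional[str]]:
    """Walk the packet outside-in. Returns (permitted, name of the layer that dropped it)."""
    for layer in layers:
        if layer.decide(pkt) == "deny":
            return False, layer.name
    return True, None


def unreachable_permits(layers: List[Layer], probes: List[Packet]) -> List[Tuple[str, Packet]]:
    """Probe flows an inner layer would permit but which an outer layer already drops.
    Each hit is either a rule that belongs on a different layer, or a flow the inner
    layer only blocks because the outer one does (it would pass if the outer were bypassed)."""
    found = []
    for i, layer in enumerate(layers[1:], start=1):
        for pkt in probes:
            if layer.decide(pkt) == "permit" and any(outer.decide(pkt) == "deny" for outer in layers[:i]):
                found.append((layer.name, pkt))
    return found


ANY, LAN, WEB = "0.0.0.0/0", "192.168.1.0/24", "192.168.1.10/32"

# Constructed rule sets (assumptions, not anyone's real config), coarsest at the edge.
ROUTER = Layer("router", [
    Rule("deny", "10.0.0.0/8", ANY),                    # spoofed private sources from outside
    Rule("deny", "172.16.0.0/12", ANY),
    Rule("deny", "192.168.0.0/16", ANY),
    Rule("permit", ANY, LAN, "tcp", 80),
    Rule("permit", ANY, LAN, "tcp", 443),
    Rule("permit", ANY, LAN, "tcp", 22),
    Rule("permit", ANY, LAN, "icmp"),
])
SONICWALL = Layer("sonicwall", [
    Rule("permit", ANY, WEB, "tcp", 80),
    Rule("permit", ANY, WEB, "tcp", 443),
    Rule("permit", "203.0.113.0/24", LAN, "tcp", 22),   # admin netblock only
])
TRUSTIX = Layer("trustix", [
    Rule("permit", ANY, WEB, "tcp", 443),               # HTTPS only; port 80 dies here
    Rule("permit", "203.0.113.5/32", WEB, "tcp", 22),   # one admin host
    Rule("permit", ANY, WEB, "tcp", 3389),              # loose rule: never reachable
])
SANDWICH = [ROUTER, SONICWALL, TRUSTIX]

# Constructed probe traffic.
PROBES = [
    Packet("198.51.100.7", "192.168.1.10", "tcp", 443),   # passes all three
    Packet("198.51.100.7", "192.168.1.10", "tcp", 80),    # dropped by trustix
    Packet("10.1.1.1", "192.168.1.10", "tcp", 443),       # spoofed, dropped by router
    Packet("203.0.113.9", "192.168.1.10", "tcp", 22),     # dropped by trustix (wrong admin host)
    Packet("203.0.113.5", "192.168.1.10", "tcp", 22),     # passes all three
    Packet("198.51.100.7", "192.168.1.10", "icmp"),       # dropped by sonicwall
    Packet("198.51.100.7", "192.168.1.10", "tcp", 3389),  # dropped by router
]

if __name__ == "__main__":
    for pkt in PROBES:
        print(pkt, traverse(SANDWICH, pkt))
    for name, pkt in unreachable_permits(SANDWICH, PROBES):
        print(f"{name} permits {pkt} but an outer layer already drops it")
```

The probe list stands in for whatever traffic you expect to see; to audit a real design, generate probes from each layer's permit rules (one representative packet per rule) rather than writing them by hand.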