Re: [FW-1]

Subject:	Re: [FW-1]
From:	"Figaro, Nicolas" <nfigaro AT CDCIXIS-CM DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Mon, 6 Oct 2003 18:39:27 +0200

Hi,

1 : it depends on how your routes are managed.
It's easier (sometimes harder to build but easier to maintain) to have a
full dynamic
routing network. but for the firewall admin, it means more ports to
open, multicast adresses to allow,
and a lot of doc reading.
the frontier between network and security becomes thinner and thinner.

2: sometimes, you're forced to use dynamic routing
if you want to forward multicast, you can't use vrrp or hsrp.
so for redundancy reasons you're forced to use dynamic routes.

I don't know anything about other protocols (bgp, etc.), so don't ask me
about those ones :)

Nicolas Figaro

-----Original Message-----
From: Gwydion Mine [mailto:Gwydion AT MYREALBOX DOT COM]
Sent: lundi 6 octobre 2003 18:13
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1]


Hello,

Can you folks please tell me what your thoughts are on firewalls in a
dynamic routing environment? (OSPF/RIP)

This is for open discussion. I'm not looking for people to write back
and ask me for a more specific question...I just want to know what
everybody's opinions are, from a security point of view, on the
configurations they've worked on.

thanks a lot!!

Gwyd

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1], Gwydion Mine [FW-1] Dynamic Routing on FW-1 (was Re: [FW-1]), Crist Clark Re: [FW-1], Figaro, Nicolas <= [FW-1], Mateo Cabrera [FW-1], mike . feetham [FW-1], Jefffrey Larson [FW-1], lennys [FW-1], brian_dell2 [FW-1], robg [FW-1], Mark Devanney [FW-1] How to provide decent QoS for shoutcast streams?, Maciej Sołtysiak [FW-1], <Rindee L. Maccdonald > [FW-1], volker . tanger

Previous by Date:	[FW-1], Gwydion Mine
Next by Date:	[FW-1] Dynamic Routing on FW-1 (was Re: [FW-1]), Crist Clark
Previous by Thread:	[FW-1] Dynamic Routing on FW-1 (was Re: [FW-1]), Crist Clark
Next by Thread:	[FW-1], Mateo Cabrera
Indexes:	[Date] [Thread] [Top] [All Lists]