On 11/15/06, phil connelly <fillconn@hotmail.com> wrote:
> I'm afraid I have some really basic questions (I'm trying to resolve a
> potential security issue where I work).
>
> 1. if we are using a router, does that mean a computer that processes credit
> cards does not need to have its firewall enabled?
> 2. can a router have a firewall and if so, how does one get to it to
> configure it?
>
> thx
>
> pc
>
Generally you would want a 'real' firewall in between the router and
the credit card computer. By 'real' I would mean a stateful hardware
firewall at the minimum, something like a PIX. In any case a machine
that is specifically for security of the systems on your cc processor.
so
{internet} ------ [router] ------- [firewall] ----- [credit card processor]
A firewall on the computer is nice, but a general purpose operating
systems are prone to being successfully attacked. Packet filtering on
the router is also a good thing to turn on but neither is a
replacement for the real firewall.
sai
_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
|