Secure server - Firewalls

This is a discussion on Secure server - Firewalls ; I have a network with firewall. My internal workstations have access ton Internet. I will like to add a sever on the internal network which should not have an access to Internet. Only internal computers should have access to this ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: Secure server

  1. Secure server

    I have a network with firewall.
    My internal workstations have access ton Internet.
    I will like to add a sever on the internal network which should not
    have an access to Internet.
    Only internal computers should have access to this server.
    Do I need to setup a second firewall?

    Thanks


  2. Re: Secure server

    In article <1166501293.855436.116750@73g2000cwn.googlegroups.c om>,
    mk wrote:
    >I have a network with firewall.
    >My internal workstations have access ton Internet.
    >I will like to add a sever on the internal network which should not
    >have an access to Internet.
    >Only internal computers should have access to this server.
    >Do I need to setup a second firewall?


    Most firewalls are able to do the appropriate blocking (supposing
    that the server does not "spoof" the address of a different machine.)

  3. Re: Secure server

    hmm,

    well, i think you should apply an extended access-list if you have a
    cisco router/firewall. another solution is not to define the default
    gateway on your server and it wont reach the internet

    On Dec 19, 9:12 am, rober...@hushmail.com (Walter Roberson) wrote:
    > In article <1166501293.855436.116...@73g2000cwn.googlegroups.c om>,
    >
    > mk wrote:
    > >I have a network with firewall.
    > >My internal workstations have access ton Internet.
    > >I will like to add a sever on the internal network which should not
    > >have an access to Internet.
    > >Only internal computers should have access to this server.
    > >Do I need to setup a second firewall?Most firewalls are able to do the appropriate blocking (supposing

    > that the server does not "spoof" the address of a different machine.)



  4. Re: Secure server


    I would like to fully isolate server from Internet (both ways).
    I am using a Linux box as a firewall.
    Maybe third NIC will solve my problem.
    My current setup include 3 networks (one is physically
    isolated from Internet).
    This works well but each user has two computers (one with connection
    to Internet (behind firewall) and second one connected only to separate
    internal server (without Internet).
    Ideally I will like to have just one workstation per user
    (with connection to Internet and secure server) but I cannot sacrifice
    security of my internal server.


    c0rn_phlex wrote:
    > hmm,
    >
    > well, i think you should apply an extended access-list if you have a
    > cisco router/firewall. another solution is not to define the default
    > gateway on your server and it wont reach the internet
    >



+ Reply to Thread