From: Stefan Grey (examplebrain@hotmail.com)
Date: Thu Mar 30 2006 - 14:22:27 GMT-3
Hello guys,
Imagine.... The customer is receiving internet/vpn traffic through router
than goes ASA than local switch and the local network. Everything is fine
and according to the SAFE model.
Second thing.... the customer has the remote office in other city and has
the frame-relay connection between them. Where is it correct solution to put
this ethernet which goes to the remote office?? into ASA DMZ or in the local
switch or to the router??
I just have seen the picture in the SAFE bluepring where was drawn that
frame-relay/ATM connects to the local switch ommiting router and ASA. Is it
secure?? Is it correct??? Isn't it valnurable that if hacker has attacked
the remote office he could without any problems attack from there the CO in
this case??
But in other case if pluging this FR connection to the perimeter router...
then isn't it bad to have both local traffic and internet traffic on the
outgoing interface of the ASA??
Any thoughts??
What do you think from your experience??
Thanks.
This archive was generated by hypermail 2.1.4 : Sat Apr 01 2006 - 10:07:40 GMT-3