From: Lincoln Yeoh (lyeohPOP.JARING.MY)
Date: Sat Jan 20 2001 - 06:26:33 CST

    At 09:02 AM 1/17/01 -0800, you wrote:
    >I am not certain if this is the place to ask this and if not please let
    >me know where to send it.
    >
    >I have a client who has the following configuration
    >
    >Internet -> router -> firewall -> load balancer
    >
    >The connection from the router to the firewall is on a switch and the
    >connection from the inside interface of the firewall is on the same
    >switch. The separation is done using VLANS.

    Why not

    Internet
    |
    router
    |cross-over cable
    firewall
    |
    switch/hub

    That's similar to what we have here.

    How much does it cost to make/get a cross-over cable?

    It's a lot harder for a hacker to subvert a cross-over cable remotely, e.g.
    social engineering for instance, but you should take care of that as well.

    Personally when secure network equipment is required I like cross-cables
    and really "dumb" hubs and switches.

    Putting those newfangled switches with built-in webservers on the
    "insecure" side sounds silly to me. Actually putting those particular types
    of switches anywhere sounds silly too, esp when you have curious people in
    your network.

    As for reliability and management: how often do "dumb" hubs fail? They're
    practically wires hooked together.

    Seems to me that it's the smart switches which fail. One of our ISPs
    apparently had a problem with their "advanced" switches and had to firmware
    patch it. International connectivity was < 22kbps at one point. Doh. And I
    had to point out the problem to them- doh^2.

    Cheerio,
    Link.