RE: ONE NIC??
- From: "Matthew Carpenter" <giddyboy@xxxxxxxxxxx>
- To: "Matthew Carpenter" <giddyboy@xxxxxxxxxxx>, "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Wed, 11 Sep 2002 12:16:23 -0500
The basic question is whether I can use the Intrusion Detection (IDS)
features with only one NIC. I have the following layout:
I---Router---PIX---ISA (proposed)
|
DMZ
----- Original Message -----
From: "Quillman Shawn (RBNA/CIT7)" <Shawn.Quillman@xxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Wednesday, September 11, 2002 12:08 PM
Subject: [isalist] RE: ONE NIC??
http://www.ISAserver.org
You asked if you could use one nic instead of two. What exactly are the
features you want to use?
Proxy- yes
Caching- yes
IDS- Do you mean ident simulation? If so, depends on how your network is
configured and what your gateway device is.
-----
Shawn R. Quillman
Robert Bosch Corporation RBNA/CIT7
38000 Hills Tech Drive
Farmington Hills, MI 48331
(248) 553-1164 (P) (248) 848-2855 (F)
shawn.quillman@xxxxxxxxxxxx
-----Original Message-----
From: Matthew Carpenter [mailto:giddyboy@xxxxxxxxxxx]
Sent: Wednesday, September 11, 2002 12:06 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ONE NIC??
http://www.ISAserver.org
Can I get a little more input on this please??
----- Original Message -----
From: "Matthew Carpenter" <giddyboy@xxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Wednesday, September 11, 2002 9:46 AM
Subject: Re: [isalist] RE: ONE NIC??
I understand all of that, but will I be able to use the other features such
as IDS?
----- Original Message -----
From: "Quillman Shawn (RBNA/CIT7)" <Shawn.Quillman@xxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Wednesday, September 11, 2002 9:38 AM
Subject: [isalist] RE: ONE NIC??
http://www.ISAserver.org
If you're just going to use it in cache mode one nic will work. It just
means that your client apps have to support proxying, then configure them to
point to your ISA. Then on the ISA either make sure the default route is
set to your Internet gateway and configure your routing rule(s) to retrieve
content direct from source, or configure routing rules to forward to an
upstream proxy. Depends on what your gateway device is (router, separate
firewall, etc).
-Shawn
-----
Shawn R. Quillman
Robert Bosch Corporation RBNA/CIT7
38000 Hills Tech Drive
Farmington Hills, MI 48331
(248) 553-1164 (P) (248) 848-2855 (F)
shawn.quillman@xxxxxxxxxxxx
-----Original Message-----
From: Matthew Carpenter [mailto:giddyboy@xxxxxxxxxxx]
Sent: Wednesday, September 11, 2002 10:31 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] ONE NIC??
http://www.ISAserver.org
I am reading through Dr. Shinder's book (thanks all for the suggestion) and
I am looking over my install options.
I do not really need the firewall feature, but I do want to use caching,
proxy, and IDS features. Do I NEED 2 NICs to do that? I have one internal
address for the machine I want to use, and do not really want to add a
public address. I can adda NIC and put it on the DMZ, but is that
necessary? Let me know your thoughts/experience. TIA
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
shawn.quillman@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
giddyboy@xxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
shawn.quillman@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
giddyboy@xxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
