FWC Client and Network within a Network
- From: "Peter" <pladd@xxxxxxxx>
- To: isalist@xxxxxxxxxxxxx
- Date: Thu, 21 Jul 2005 10:43:08 -0600
I know this question has been discussed in the past but I am concerned
about whether or not I should install the FWC on all of my User
Workstations or not. Any help would be greatly appreicated.
SITE 1: ISA Server 2004, Ext Interface Connected to "Internet" Router.
Internal Interface connected to 192.168.10.x subnet that has a PPP
connection via a second router to SITE 2 and SITE 3. All Servers (mail,
web, domain et al local to site 1.
SITE 2: Connected to Site 1 and Site 3 via PPP. Local subnet
192.168.20.x. No direct connection to the Internet.
SITE 3: Connect to Site 1 and Site 2 via PPP. Local subnet 192.168.25.x.
No direct connection to the Internet.
SITE 2 and SITE 3 connect to the Internet via the ISA Server on SITE 1.
Question: Should I install the FIREWALL Client on all Desktops at EACH
SITE. In Tom's book there are references to using both the Secure NAT and
the FWC on the remote subnets. I am confused by this. Also, I reply by
Thor (grealy appreciated btw) references installing the FWC on the
Desktops at the Remote sites but using their local router as the DGW.
Ideally, I want to install the FWC on ALL Computers, including the
Exchange Servers, DNS, and DC for the added secure communications. But I
am not sure if I should do this. I have a lab setup but it is a single
subnet lab. Thus, I don't have the equipment to truly test this.
If I install the FWC on the desktops of the remote Clients and Servers,
should I then put their local router as their DGW?
Thank you for any commnets.
PS- I really like this board. I have been reading it daily since I
discovered it. thakns for all the posts.
Other related posts:
