This topic has been archived. It cannot be replied.
-
工作学习 / 专业技术讨论 / 关于是否仍需要firewall请教有经验DX。我的公司采用了新的wan连接两个office。service provider提供了一个atm的ubr电路(100mbps)和一个0.5mbps的cbr电路。service provider称是layer 2 dedicated line,不需再在两头用firewall配tunnel了。但我上回在论坛里见到有个帖子说是dedicated line也需要firewall。不知是为什么?是否真需要tunnel来保护信息?
-pnpn(双飞雁);
2006-4-6
{182}
(#2889925@0)
-
你的专线是二层的概念, firewall是三层和三层以上的概念。 两者不太沾边。 “保护信息”是加密的概念, 也和firewall不沾边, what you really wanted?
-bugfree(BugFree);
2006-4-6
(#2890057@0)
-
My intention of firewall is to create IPSec tunnel to encrypted the traffic.
-pnpn(双飞雁);
2006-4-7
(#2891927@0)
-
I guess it depends on the sensitivity of your data. although it's a dedicated layer 2 circuit but the security offered on these circuits are
-coolj(酷不起来);
2006-4-7
{703}
(#2890502@0)
-
Thanks. You get the point. Since I already ask the service provider about this issue, and they said no need of encryption, I think they guarantee this is a real 'dedicated' line: no other user in it.However, as you said, this is acrossing multiple switches,so ' the man in the middle ' should be concerned.
I'd like to give some more specific information:
The equipment at my end is cisco 3550, the backbone is ATM network. I just curious that how an intruder can sniff the traffic in such a WAN environment. Does anyone know about this?
Yes. I already have encryption equipment - firewalls. I can use them to create IPsec tunnel. But it will slow down the network.
-pnpn(双飞雁);
2006-4-7
{480}
(#2891919@0)