Two questions about security. In both cases I'm talking
about a route-path, NAT-based load balancing configuration
similar to Figure 4 in Tony Bourke's article at:
1) I don't see much point in putting a firewall in front
of this type of configuration, since most NAT-based
load balancers can do packet filtering, and you usually
only want to open up a small number of ports (80, 443, 22?)
anyway. Does anyone have any success stories or warnings
about running in with configuration?
2) In the figure mentioned above, the public and private
networks are VLAN'd on the same switches. Provided sufficient
access restrictions are in place on the switches, are there
security issues with the VLAN config? I rarely see VLAN config
issues mentioned in network security discussions.
This archive was generated by hypermail 2b30 : Wed Feb 28 2001 - 12:55:27 EST