On Thu, 2005-06-09 at 10:20, Kamil dot Wencel at hvbpensionsfonds dot de wrote:
> [...] "I am amazad how lack of phantasy can try to diminish a perfectly good question."
> 
> for multiple dmz's for example, if one box fails the others get nothing to work
> with anyways, 

Correct if the firewall dies, but if a server on DMZ1 is compromized,
there is still no access to DMZ2, DMZ3 etc (except for the pinholes to
the other DMZs if that's requeired ;-) )

> so using one box with multiple interfaces is okay from my point of view. 


-- 
Henning Wangerin <post plus 050127 at henning dot wangerin dot dk>
-- 
Henning Wangerin <mailinglists dash after dash 041101 underscore reply dash not dash possible at hpc dot dk>