| I expect that the AFWNT would have the SAME dependencies as the AFWU
in these respects - that is the AFWNT does need and internal mail hub,
and, if operating a hidden name service configuration, does require an
internal host to act as a primary name server.
The thing that worries me is what gave you the impressions that the
AFWNT did not have these dependencies?
BTW - the next release of the AFWU (V3.0) will resolve the need to
have an internal primary name server for hidden name service configurations.
Instead you will be able to operate both "internal" and "external" name
services on the firewall host with a special name service proxy, running
on port 53, "deciding" which name service a particular request is
directed to.
It will always be the case that the AFW family of products, by default,
requires you to have an internal mail hub as we believe that it is not
secure to place your mail hub on a host accessible from the red net, given
that it is liable to contain alot of information about your organisation.
We strongly recommend that in all case a separate internal mail hub
performs this role so that loss of your firewall host etc does not have
an immediately detrimental effect on your internal operational effectiveness.
Mark
(Any chance of a job in marketing?)
|
| I thought the UNIX and NT had the same dependencies, if in Hidden DNS
anyways, that you MUST have an Internal Primary DNS system. And a
Internal Mail system because the firewall, for mail, just relays the
information to an internal mail hub for processing.
Regards,
|