Specifications
3
Firewall Administration System (FAS)
The Setup
Example, Inc., an online bookshop with its headquarters in Nuremberg, has
150 staff. It operates branches in Munich and Frankfurt with office and ware-
house workers and employs ten sales representatives.
The following infrastructure is required for the business to operate:
1 FTP server in the DMZ in Nuremberg
1 FTP mirror in the DMZ in Frankfurt
1 central web server in the DMZ in Nuremberg
1 central mail server in the DMZ in Nuremberg
1 CVS server in the DMZ in Nuremberg
20 Linux or Windows workstations in Munich
50 Linux or Windows workstations in Frankfurt
80 Linux or Windows workstations in Nuremberg
The Headquarters in Nuremberg
eth1:1
192.168.8.14/29
FTP
192.168.8.11 192.168.8.9
WEB Mail
192.168.8.10
eth0
80.80.80.2/28
eth2
192.168.10.1/24
Firewall
CVS
80.80.80.12
eth1
80.80.80.14/29
Intranet
DMZ
Internet
Figure 3.6: The Setup in Nuremberg
In Nuremberg, the bookshop has the entire 80.80.80.0/255.255.255.240
network. Of this, the network 80.80.80.0/255.255.255.252 is used as
a transfer network between the firewall and the provider, The rest is avail-
able for computers in the DMZ. The router of the provider has the IP address
39SuSE Linux – Firewall on CD2