8 years ago
from t'Internet to a proxy server.
Now this calls for a DMZ to segregate the system running the proxy server
from the 'green' internal network.
My security experience is old school corporate:
Firewall/Router (incoming/outgoing calls allowed)
DMZ with server(s) handling incoming calls
Firewall/Router (incoming calls from DMZ ONLY!)
Green (outgoing calls depending on role).
This calls for a minimum of two Firewall/Routers to allow physical
separation between t'Internet, DMZ, and Green.
Googling so far in the context of the Virgin Super Hub 2 has suggested that
(a) DMZ and stuff is not that good in SH2
(b) the solution is to run it in modem mode and buy a better router.
However the 'better router' seems to support DMZ, NAS storage and wired/
wireless LAN all in the same box.
Now I wouldn't mind a kick ass wireless router with USB NAS storage and
networked USB printer support but I am not at all sure about having that
all lumped in with the DMZ and also directly exposed to t'Internet.
Am I being too cautious, or does the physical separation strategy still
As a slight aside, I have various older cable/ADSL routers which are fine
for routing but don't support Gigabit Ethernet or the latest and fastest
wireless protocols. Are there still third party firmware builds which can
turn older routers into decent firewalls? This could save me buying two