[zorp] good setup

Torsten Curdt tcurdt@dff.st
Mon, 22 Oct 2001 07:04:54 +0200

I'm about to revise our network setup and I was wondering
how a good setup with zorp would look like.

We are a pretty small company. We have about 10 workstations
and about 4 servers. We are connected with around 1,5 MBit
and we have about 2-4 GByte/Month of traffic on our firewall right

Since zorp is an application level proxy firewall the demands
of machine power are usually a bit higher than for a simple
ipchains based firewall. I was wondering if an old PII 200 Mhz
might be enough for our scenario.

I am also wondering if there are traffic statistics available
with zorp and how good the IDS is. Maybe snort can be combined
with zorp?

Maybe someone could also spent his 2 cents on the
following network setups:

setup 1:            internet
                     |  |
                     |  +---perimeter net

setup 2:

                    perimeter net with [gateway]

Where should a centralized syslog-ng and/or authentication
server be placed. inside the perimeter net or inside the
intranet. (inside the intranet would mean to pierce the
firewall to allow syslog traffic from the perimeter net
into the intranet)

If anyone could share some thoughts or experiences
would be great.