And now for something completely different. Late last night I spent a bit of time looking into firewall topology for DailyLit’s growing server infrastructure. When you google the topic, you wind up with a lot of fairly old posts at the top. Wondering whether I am searching for the wrong thing (tried a bunch of different search terms) or this simply hasn’t changed much since I last looked at the topic three or four years ago. In any case, it seems that a screened subnet / triple-homed firewall is still the best compromise between security and cost but would love to know if anyone has better suggestions.
![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_e.png?x-id=2f70b782-8e8e-4c0d-830a-9999a5e1d53c)