Title: The Design of a Secure Gateway
Authors: Bill Cheswick
File name: pubdocfirewallsBill_Cheswick_secure_gateway.ps.Z
Filesize: 21208 bytes
Abstract: The Internet supports a vast, growing community of computer users around the world. Unfortunately, this network can provide anonymous access to this community by the unscrupulous, careless, or dangerous. On any given Internet there is a certain percentage of poorly-maintained systems. AT&T has a large internal Internet that we wish to protect from outside attacks, while providing useful services between the two. This paper describes our Internet Gateway. It is an application-level gateway that passes mail and many of the common Internet services between our internal machines and the Internet. This is accomplished without IP connectivity using a pair of machines: a trusted internal machine and an untrusted external gateway. These are connected by a private link. The internal machine provides a few carefully-guarded services to the external gateway. This configuration helps protect the internal Internet even if the external machine is fully compromised.