Questions tagged [dmz]

In computer security, a DMZ, or demilitarized zone, is a physical or logical subnetwork that contains and exposes an organization's external services to a larger untrusted network, usually the Internet. Information technology professionals normally refer to it as a DMZ; it is sometimes called a perimeter network.

The purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN); an external attacker only has access to equipment in the DMZ, rather than any other part of the network.

204 questions
1 vote, 1 answer

Servers in DMZ will not communicate with each other

(Full disclosure: I rate barely above "noob" when it comes to networking.) My workplace recently got a new web server. Since we're nearing the end of an overhaul of our website, we're doing a slooooow migration between the old web server and the new…
1 vote, 1 answer

Cisco adaptive security appliance is dropping packets where SYN flag is not set

We have an apache instance sitting inside our DMZ which is configured to proxy requests to an internal NATed tomcat instance inside our network. It works fine, but then all of a sudden requests from apache to the tomcat instance stop getting through…
Brett Ryan
1 vote, 1 answer

API exposing services running on LAN to serve website in DMZ

I have a team of developers who are writing both an intranet and external website. The website consists of two servers and a load balancer, inside a DMZ. The DMZ has a pinhole open to the LAN (http/80), to expose API services from the LAN. e.g. WAN…
1 vote, 2 answers

Linux - Get Outbound/Inbound Traffic by IP address

I am hosting a website and I found that the traffic on my server is quite high. My Linux server is behind a router in a DMZ. I would like to see the traffic made on my Linux box on the eth0 interface, based on the public IP address of the client. I…
Jonathan Rioux
1 vote, 4 answers

Looking for low cost VPN/DMZ solution

I am looking to set up a VPN and DMZ solution for a small business. Here is some background and some of their requirements: This is a small business with maybe a dozen servers and another half-dozen workstations. It provides a public web…
craigm
1 vote, 3 answers

Find all internet facing servers

We have a large network with many servers. What is the easiest way to find all the servers that are Internet facing? Manually checking each server is not an option.
Barry Allen
1 vote, 2 answers

Multiple blades in one chassis, some in DMZ, some in internal network

This question is similar to: Blade Enclosure, Multiple Blade Servers, Whats the closest approximation to a DMZ? In my case, I don't have virtualization so I cannot use vLANs as suggested in answers to the question above. So I have several blades in…
1 vote, 2 answers

Considerations for Security appliance/software in DMZ

What are the significant considerations when designing and setting up a dmz for a relatively small office (15-20 users) with a limited budget? The network traffic across the dmz will be inbound smtp (ms exchange), inbound http/s (owa), outbound…
James Moore
1 vote, 1 answer

FTPS server in DMZ. Force different IP addresses for passive mode

I'm setting up an FTP server with TLS/SSL encryption (FTPS, not SFTP). The server would be placed in DMZ. This means that it has two interfaces: one for connections from the company's network and the other (statically NATed to Internet-valid ip…
HUB
1 vote, 2 answers

Should I Run TMG as a Hyper-V Guest

Okay here's an interesting question. In two parts: Is it advisable to run TMG as a hyper-v guest in production? (something is nagging me that it's not a good idea, but it's possible to give a VM exclusive access to a NIC and technically the "host"…
Michael Brown
1 vote, 1 answer

Windows Vpn Server Role in DMZ?

I work on a small business network that runs on a windows server 2008 R2 domain. Right now we use a Cisco (Linksys) RV042 router to handle both VPN connections and a single Site-Site vpn. However, there has been mild-but-increasing interest in…
bwerks
1 vote, 2 answers

How to redesign our network?

We currently have three networks, X.X.163.1, X.X.93.1 and 192.168.1.1. Today's setup is like this: We now have PPT VPN from internet to the X.X.163.1-network, but really need to access the files from the File Server through VPN. I am also aware…
Asbie
1 vote, 1 answer

DMZ setup and firewall throughput limit

I am in the process of moving server room into the datacenter and it is a good time to review current setup for security zones. We are using Vsphere 4 Standard and Cisco ASA 5510 firewall. At the moment firewall is a single connection point for…
Sergei
1 vote, 3 answers

Securing VPN access from users machines (home office)

We already have a couple of people working from home, accessing some internal servers via VPN. They're all using company provided laptops or PCs which we have complete control over. Now we're faced with more people wanting to do home office but…
toString
1 vote, 3 answers

Blade Enclosure, Multiple Blade Servers, Whats the closest approximation to a DMZ?

I appreciate that to get a proper DMZ, one should have a physical separation between the DMZ servers and the LAN servers, with a firewall server in between. But, in a network consisting of a single Blade Enclosure containing two or more Blade…
codeulike