Questions tagged [dmz]

In computer security, a DMZ, or demilitarized zone, is a physical or logical subnetwork that contains and exposes an organization's external services to a larger untrusted network, usually the Internet. Information technology professionals normally call it a DMZ; it is sometimes referred to as a perimeter network.

The purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN); an external attacker only has access to equipment in the DMZ, rather than any other part of the network.

204 questions
1 vote, 1 answer

Persistent TCP connection in DMZ

A vendor is requesting to allow persistent TCP (not port 80) connection between a server in the DMZ and the internal network. I don't have much experience with this setting. Can anyone shed some light on disadvantages of allowing persistent…
G33kKahuna
1 vote, 3 answers

Cisco Multi-DMZ firewall

I need to find a firewall that will give me 1 LAN port, and 5-7 DMZ ports. I have a requirement to replace some FreeBSD systems that are used to run some testing equipment. It is essential that the DMZ ports cannot communicate with each other, but…
BParker
1 vote, 2 answers

Proper Network Infrastructure Setup DMZ, VPN, Routing Hardware Question

Greetings Server Fault Universe, So here's a quick background. Two weeks ago I started a new position as the systems administrator for an expanding health services company of just over 100 persons. The individual I was replacing left the company…
RSXAdmin
1 vote, 4 answers

ESX servers in a DMZ

I have two ESX 3.5 servers in a DMZ. I can access these servers on any port from my LAN via a VPN. Servers in the DMZ are unable to initiate connections back to the LAN, for obvious reasons. I have a vCenter server on my LAN and can initially…
James
1 vote, 0 answers

DMZ Member Servers unable to return or authenticate internal domain accounts

I have a DC in a DMZ where I can easily look up domain accounts from our internal domain under the NTFS permission if I tried to add users/groups to folder NTFS permission while logged in to the DMZ DC. However, member servers in the same DMZ are…
1 vote, 1 answer

Forest trust relationship between WAN and LAN through Pfsense

I'm using Pfsense with 3 interfaces : LAN, DMZ and WAN. The LAN contains my Domain Controller and my main forest of course (abc.com), the DMZ contains some web servers. The other forest is located somewhere else on the internet and therefore is on…
1 vote, 2 answers

DMZ and ActiveDirectory users

I start by saying that I am not really familiar with AD and DMZs. In my company, we have a DMZ with one server, isolated from the internal network (only a few open ports) and exposed to the web. There are some IIS applications running which have…
Emaborsa
0 votes, 2 answers

DMZ over OpenVPN

I'm setting up an OpenVPN server. I want it to redirect any incoming connection (except for ports 22 (ssh) and 1194 (the VPN server itself)) to a client connected to the VPN. The VPN server will live at vpn.example.com The client is at 10.8.0.2, the…
WayToDoor
0 votes, 2 answers

Fastest solution to use FTP/Aspera/MediaShuttle with SAN network

At my postpro studio we have a SAN Network (Stornext 6). There is also a MediaShuttle and FTP server in a VM on the firewall (I know, I know... Not my fault, really xD). The VM is sharing SAN over CIFS so every time we need to send some files we…
Urien
0 votes, 1 answer

How to monitor hosts with foreman when there's only one-way traffic allowed?

I am currently setting up a PoC with foreman to monitor the configuration of some hosts. This works great. I am wondering, how could I monitor hosts in our DMZ? Where only one way traffic is allowed (local to DMZ)? I would prefer to see the host…
0 votes, 1 answer

Would this setup provide adequate security?

In the following scenario, I'm looking to see if I can provide adequate security as is or if there would be any tangible benefit to re-architecting things (like changing it so that the service in question would be in a DMZ, or something like that). …
Kdawg
0 votes, 3 answers

How can a URL from my website be hidden?

I have my site, whose URL is like this: https://test.my.webpage.example And I need to block a URL similar to: https://test.my.webpage.example/weblogic/someApp/someService This is for an application in Java, over a WebSphere, that must communicate to a…
DevMouse
0 votes, 0 answers

OpenVPN without NAT or DHCP

I am trying to set up an OpenVPN server similar to LiquidVPN.com. With their VPN server when a client connects it receives the public IP address of the server. All network traffic to the public IP is forwarded to the connected client. I know this is…
djreisch
0 votes, 2 answers

Do I need routers in a LAN with 2-firewall DMZ solution?

I have a LAN that will host an EXTRANET site with 5 servers, and 2 exchange edge servers. The LAN will service an office in a 5 story building with about 100-200 users on each floor. Each floor will have its own set of switches in supply…
0 votes, 1 answer

Run Windows services with different network credentials

I have a server (W2016) in a DMZ, not in a domain. And I need to start Windows services (Dynamics NAV third party application) under a local account but with different network credentials (domain account) for SQL connection and validating users by Kerberos.…
zdenál