Re: DMZ Services, Best Balance Between Security and Functionality, Comments?
From: Keith W. McCammon (km_at_km.com)
Date: 07/03/03
- Next message: MS: "Re: DMZ Services, Best Balance Between Security and Functionality, Comments?"
- Previous message: Russ: "SID to Name?"
- In reply to: Ben Robinson: "DMZ Services, Best Balance Between Security and Functionality, Comments?"
- Next in thread: MS: "Re: DMZ Services, Best Balance Between Security and Functionality, Comments?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 3 Jul 2003 08:56:29 -0400
> 4 Member servers in the DMZ - members of external AD forest that trusts
> internal forest (one-way only). All external users accounts in external
> forest. Trust traffic secured with IPSec
In most cases, this is the setup that I prefer. Assuming that either
network would eventually be compromised to some degree, I'd prefer to have
the peace of mind that the internal network was not vulnerable as the result
of an attack on an external/hosting segment.
- Next message: MS: "Re: DMZ Services, Best Balance Between Security and Functionality, Comments?"
- Previous message: Russ: "SID to Name?"
- In reply to: Ben Robinson: "DMZ Services, Best Balance Between Security and Functionality, Comments?"
- Next in thread: MS: "Re: DMZ Services, Best Balance Between Security and Functionality, Comments?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
