DMZ Help

billybob01

Can anyone explain to me how i can setup a DMZ. I need to place a web server out into a DMZ at work and know very little about the procedures for setting up a DMZ.

taktsoi

DMZ, where servers are hosted for public services, is a designated, screened, secured subnet behind the firewall. Depending on your traffic configurations, this subnet SHOULD NOT be able to contact the intranet LAN or vice versa.

When you need to translate the public routed-IPs to non-routed local IPs, you need the NAT technlogy. That means that you can use the NAT to create another subnet and apply the restricted traffic in your firewall to/from the public services. Additionally, if you given the public IPs for those public services, you can use the 1:1 NAT mapping to the hosts. Moreover, you can use Proxy service to restrict the traffic.

BTW, what firewall are you using?

billybob01

I am using ISA 2004.

Ye Gum Noki

Tons of instructions for this kind of stuff on the web, just google it. If you don't know how to do it, you shouldn't be doing it, because you have a high risk of screwing it up.

Sorry, just feeling a little "Simon Cowell-ish" today.

billybob01

Yes thankyou for stating the obvious there. Trousers too high around the waist today are they??

Pash

Hehe, im proud to have another famous british export like simon cowell .

Anyway, there are plenty of guides for "creating a dmz in a windows environment using ISA" out there. The first page in the google search should be all you need. I have to create a dmz myself using a juniper firewall next week.

Take all the time you can afford to test and learn now before implementing it, because it's ok to get it wrong in a test environment rather than in a live one.