Options

DMZ usage

GOZCUGOZCU Member Posts: 234
in Off-Topic
Hello guys, i just wonder about the DMZ. How is the usage of it in a small corporation ? Or Do we use the DMZ at companies which provides public services like (DNS,MAIL...) ? I want to know the daily usage view(not book definitions) and how often we come across to this term as a network admins/engineers.
http://www.linkedin.com/in/esergozcu

http://studentcodes.org/
· Share on FacebookShare on Twitter

Comments

  • Options
    higherhohigherho Member Posts: 882
    DMZ's are widely used for security purposes. For example I have a security appliance, that by hardening standards I need to keep it by itself. This means its in its own work group, own private dmz, and the only way to get into the box is via console or through the web interface via Smartcard login (which is locked down by firewall rules on who can get to it via the internal network). I know in our production environment you will commonly see public facing web servers in a public DMZ separated from your internal network and the only way into that is with a FIPS 140-2 compliant product (Dameware for example).

    I'm sure other individuals here can share their experience but from mine if I'm told it needs to be locked down / segreated from the internal network its going to be in a dmz ough the web interface via Smartcard login. I know in our production environment you will commonly see public facing web servers in a public DMZ from your internal network and the only way into that is with a FIPS 140-2 compliant product (Dameware for example).

    I'm sure other individuals here can share their experience but from mine if I'm told it needs to be locked down / segregated from the internal network its going to be in a dmz type environment.
    · Share on FacebookShare on Twitter
  • Options
    GOZCUGOZCU Member Posts: 234
    Thanks, so even for a public ftp server, DMZ can be a part of a solution to keep your internal-net safe.
    http://www.linkedin.com/in/esergozcu

    http://studentcodes.org/
    · Share on FacebookShare on Twitter
  • Options
    demonfurbiedemonfurbie Member Posts: 1,819
    i use my dmz as a place to put my honeypot
    wgu undergrad: done ... woot!!
    WGU MS IT Management: done ... double woot :cheers:
    · Share on FacebookShare on Twitter
  • Options
    the_hutchthe_hutch Banned Posts: 827
    Very simply stated, a DMZ can and should be used anytime you need to have a portion of your network that (for operation reasons) requires different security requirements (open ports or services) than your hardened internal network. This is usually for publically available services. A DMZ is easy to implement. All you need is a dual-homed firewall at both ends.
    · Share on FacebookShare on Twitter
Sign In or Register to comment.