Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Webserver on a DMZ still needed?

From: lexnlondon () gmail com
Date: 5 Sep 2006 15:21:08 -0000
lotsof questions there ..
1. are dmz's still needed - many would say no, but they do serve a purpose - even if it is only of mentally segmenting 
the external attack vector area in peoples minds -so that patches & firewall rules are considered regularly.
2. should the exchange server be on the DMZ? - Many would say no there should be an OWA or Citrix front end in the DMZ 
and the exchange internal. But if your exchange server is both front and backend then fair enough. Although 
non-charities would probably build a layer of email defenses and whatever is the first defense would usually sit on the 
DMZ.
3. Microsoft patches - thats something on the improve every day - but you cant seriously think that MS are on top of 
all OS/Exchange/SMTP/virus patches 24x7 - they typically patch only on Tuesdays and even then they are patching issues 
raised a week or month earlier.

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence 
in Information Security. Our program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Using interactive e-Learning technology, you can earn this esteemed degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: