Educause Security Discussion mailing list archives
Re: Philosophy of DMZ
From: Steven Osit <sosit () SVA EDU>
Date: Tue, 19 Apr 2005 17:35:18 -0400
We've had a similar issue so we've used a slightly different variation on the DMZ idea. I've got a firewall between my internal networks and these kinds of web servers, and then another one between the web servers and the Internet. That way I can make sure only expected forms of traffic are coming in to and coming in from my web servers, but still protect them somewhat by firewall from the outside world. - Steve Osit Barros, Jacob wrote:
I've run into a situation where a solution we are implementing requires a web server to be on our inside network but needs to be accessed externally. This is happening much more frequently than I would like. We're doing some long-term planning and my office would like some feedback from other institutions. If I'm going to have to keep adding servers that can be accessed directly, is there still reason to have a DMZ? My understanding of having a DMZ, is to not allow public external access to internal servers and all requests to internal servers should be answered by a proxy/reverse proxy server. Am I just an idealist? Can anyone share experiences with proxying? Anyone ever scrap their DMZ? Any policies that you can share on external access to internal web servers? Jake Barros Grace College ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
Current thread:
- Philosophy of DMZ Barros, Jacob (Apr 19)
- <Possible follow-ups>
- Re: Philosophy of DMZ Steven Osit (Apr 19)
- Re: Philosophy of DMZ Michael J. Benedetto (Apr 19)
- Re: Philosophy of DMZ Scholz, Greg (Apr 19)
- Re: Philosophy of DMZ Barros, Jacob (Apr 19)
- Re: Philosophy of DMZ Ron Parker (Apr 19)
- Re: Philosophy of DMZ Mills, Michael (Apr 20)
- Re: Philosophy of DMZ Davis, Thomas R. (Apr 20)
- Re: Philosophy of DMZ Daniel Adinolfi (Apr 20)
- Re: Philosophy of DMZ Scholz, Greg (Apr 20)
- Re: Philosophy of DMZ Kowal, Michael (Apr 20)
- Re: Philosophy of DMZ Herrera Reyna Omar (Apr 20)
(Thread continues...)