Firewall Wizards mailing list archives
Re: DMZ design - Exchange, SQL, & DCOM
From: "Michael Borkin" <borkin () netquest com>
Date: Sun, 6 Feb 2000 10:07:52 -0500
Mikael, Thanks for the great response, it was extremely helpful and I appreciate your taking the time to post it. To answer your question first, I have been doing some research into DCOM (on Microsoft's site) but it really hasn't clicked in my head yet. I will probably post something to explain it in more depth once I can figure it out well enough to explain it. However, I do not think it will even be a problem if the SQL server is in the same DMZ as the webserver. My concern was based on a programmer telling me that DCOM (Distributed Component Object Model) uses dynamic port allocation to communicate between machines. Since I was thinking that it would have to go through the firewall, rather than just work within the DMZ, I thought it would be an issue. <snip> I'd recommend placing a mail forwarder with content screening capabilities in a SEPARATE DMZ, and the Exchange server on the internal network. </snip> I have to ask a stupid question of you though (I just can't help it... its part of my nature), why do you recommend a seperate DMZ just for mail forwarding? Is it just an extra added layer of protection so that you can packet filter specifically for SMTP and HTTP on each DMZ or is there some more critical reason that I don't realize? Thanks again, Mike
Current thread:
- DMZ design - Exchange, SQL, & DCOM Michael Borkin (Feb 04)
- Re: DMZ design - Exchange, SQL, & DCOM Bill Pennington (Feb 06)
- RE: DMZ design - Exchange, SQL, & DCOM Omar T. Fahnbulleh (Feb 06)
- Re: DMZ design - Exchange, SQL, & DCOM Mikael Olsson (Feb 07)
- RE: DMZ design - Exchange, SQL, & DCOM Phil Cox (Feb 10)
- Re: DMZ design - Exchange, SQL, & DCOM Jack Dingler (Feb 10)
- <Possible follow-ups>
- Re: DMZ design - Exchange, SQL, & DCOM Michael Borkin (Feb 06)
- Re: DMZ design - Exchange, SQL, & DCOM Michael Borkin (Feb 07)
- Re: DMZ design - Exchange, SQL, & DCOM billp (Feb 07)
- Re: DMZ design - Exchange, SQL, & DCOM Michael Borkin (Feb 07)
- Re: DMZ design - Exchange, SQL, & DCOM Michael Borkin (Feb 07)
- Message not available
- Re: DMZ design - Exchange, SQL, & DCOM Jan Schultheiss (Feb 10)
- Re: DMZ design - Exchange, SQL, & DCOM Mikael Olsson (Feb 11)
- Message not available
- Re: DMZ design - Exchange, SQL, & DCOM Michael Borkin (Feb 07)
- RE: DMZ design - Exchange, SQL, & DCOM Henry Sieff (Feb 10)
- Re: DMZ design - Exchange, SQL, & DCOM Michael Borkin (Feb 10)
- Re: DMZ design - Exchange, SQL, & DCOM Michael Borkin (Feb 10)
- Re: DMZ design - Exchange, SQL, & DCOM Francois Dupont (Feb 10)
- RE: Re: DMZ design - Exchange, SQL, & DCOM jan . schultheiss (Feb 15)