Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: DMZ, Tape Backup and Security

From: Matthew Crape <matthew.crape () ofa on ca>
Date: Thu, 19 Jun 2003 08:46:42 -0400
Erik,

        You really got me thinking about this. The only thing that comes to mind off hand is maybe putting the server 
on either network (or maybe neither) and then VPN into the network when you want to do the backup.

        There are probably other more practical and safer solutions, but I can't think of any off hand. Let me know 
what you go with.

     Matt


-----Original Message-----
    From: "Erik Vincent" <evincent () ndexsystems com>
    Sent: 06/18/2003 12:00:13 PM
    To: "security-basics () securityfocus com" <security-basics () securityfocus com>
    Subject: DMZ, Tape Backup and Security
    
    Hello to all,
    
    I would like to have comment on how to setup a backup strategie 
    regarding a DMZ.
    
    Scenario 1: Put a tape unit/software in the DMZ and another one on the 
    LAN to have everything separate.
    
    Plus side: No hole in DMZ Firewall
    Down Side: Cost (2 unit/software), 2 sofware to manage
    
    
    Senario 2: Change firewall rules to give acces from DMZ to LAN.
    
    Plus side: Cost less and easyer management
    Down side: Hole in Firewall
                (I did some test with Veritas Backup exec and it is
                 using RPC so it is a realy hard to set Firewall rules)
        
    Scenario 3: Have one server with 2 NIC. On on LAN and on on DMZ.
    
    Plus side: Cost, management
    Down Side: Need to have high security on server.
           Bypass Firewall. (High security Risk)
    
    
    What do you Think?
    Thank you all for your time and effort.
    
    
    ---------------------------------------------------------------------------
    Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
    The Gartner Group just put Neoteris in the top of its Magic Quadrant,
    while InStat has confirmed Neoteris as the leader in marketshare.
         
    Find out why, and see how you can get plug-n-play secure remote access in
    about an hour, with no client, server changes, or ongoing maintenance.
              
    Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
    ----------------------------------------------------------------------------


---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
     
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
          
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: