Firewall Wizards mailing list archives
Re: DMZ best practices
From: Amos Hayes <ahayes () polkaroo net>
Date: Tue, 19 Jan 1999 16:04:32 -0500 (EST)
On Mon, 18 Jan 1999, Jeromie Jackson wrote:
At 04:03 PM 1/16/99 -0800, John Kozubik wrote:Now, what kind of machines would you put in the DMZ? Not many, in my opinion. Mail, news, www, etc. should _always_ be behind a firewall with a security policy in place.Your web server certainly should NOT be behind your firewall. This would completely compromise the function of the firewall.
I think people might have misunderstood John's comment. "A firewall" is not necessarily "Your (one and only) firewall". I would agree that all your servers should be behind a firewall. But that doesn't mean that they should all be behind one of your _innermost_ firewalls. -- Amos Hayes ahayes () polkaroo net Ingenia Group - Software Kinetics Ltd. http://polkaroo.net/~ahayes http://www.sofkin.ca
Current thread:
- DMZ best practices Perry, David (Jan 15)
- Re: DMZ best practices Bennett Todd (Jan 19)
- <Possible follow-ups>
- Re: DMZ best practices John Kozubik (Jan 18)
- Re: DMZ best practices Jeromie Jackson (Jan 19)
- Re: DMZ best practices Amos Hayes (Jan 20)
- Re: DMZ best practices Dominique Brezinski (Jan 19)
- Re: DMZ best practices Jeromie Jackson (Jan 19)
- Re: DMZ best practices Bill_Royds (Jan 19)
- RE: DMZ best practices Andreas Haug (Jan 20)
- Re: DMZ best practices John Kozubik (Jan 20)
- Re: DMZ best practices Security (Jan 20)
- Re: DMZ best practices Dominique Brezinski (Jan 21)
- RE: DMZ best practices Bill_Royds (Jan 21)
- RE: DMZ best practices Andreas Haug (Jan 26)
- Re: RE: DMZ best practices Robert MACDONALD (Jan 21)
- Re: RE: DMZ best practices Joseph S D Yao (Jan 26)
(Thread continues...)