Firewall Wizards mailing list archives
Re: DMZ design - Exchange, SQL, & DCOM
From: Jan Schultheiss <jan.schultheiss () ubs com>
Date: Tue, 08 Feb 2000 11:37:47 +0100
Hi, [snip]
The reason for the separate DMZ is that you don't want to expose your mail forwarder to your web server. The risk that someone will hack your web server through the firewall is much greater than the risk of someone hacking your mail forwarder through the firewall. However, with the two placed on the same LAN, hacking the mail forwarder most likely becomes a simple task.
Another possibility is to use "secure" switches. There is a switch from Bay (i.e Nortel) that allows you to configure on a port basis which devices are allowed to talk to each other. You can define a port on that switch which can talk to all other ports on that switch. In that specific port you place the (ethernet) cable from the firewall. All other ports are configured in such a way that they cannot talk to each other (they don't even see broadcasts from other devices). Best regards Jan Schultheiss
Current thread:
- Re: DMZ design - Exchange, SQL, & DCOM, (continued)
- Re: DMZ design - Exchange, SQL, & DCOM Bill Pennington (Feb 06)
- RE: DMZ design - Exchange, SQL, & DCOM Omar T. Fahnbulleh (Feb 06)
- Re: DMZ design - Exchange, SQL, & DCOM Mikael Olsson (Feb 07)
- RE: DMZ design - Exchange, SQL, & DCOM Phil Cox (Feb 10)
- Re: DMZ design - Exchange, SQL, & DCOM Jack Dingler (Feb 10)
- Re: DMZ design - Exchange, SQL, & DCOM Michael Borkin (Feb 06)
- Re: DMZ design - Exchange, SQL, & DCOM Michael Borkin (Feb 07)
- Re: DMZ design - Exchange, SQL, & DCOM billp (Feb 07)
- Re: DMZ design - Exchange, SQL, & DCOM Michael Borkin (Feb 07)
- Re: DMZ design - Exchange, SQL, & DCOM Michael Borkin (Feb 07)
- Message not available
- Re: DMZ design - Exchange, SQL, & DCOM Jan Schultheiss (Feb 10)
- Re: DMZ design - Exchange, SQL, & DCOM Mikael Olsson (Feb 11)
- Message not available
- Re: DMZ design - Exchange, SQL, & DCOM Michael Borkin (Feb 07)
- RE: DMZ design - Exchange, SQL, & DCOM Henry Sieff (Feb 10)
- Re: DMZ design - Exchange, SQL, & DCOM Michael Borkin (Feb 10)
- Re: DMZ design - Exchange, SQL, & DCOM Michael Borkin (Feb 10)
- Re: DMZ design - Exchange, SQL, & DCOM Francois Dupont (Feb 10)
- RE: Re: DMZ design - Exchange, SQL, & DCOM jan . schultheiss (Feb 15)