05-13-2011 04:23 AM - edited 03-11-2019 01:32 PM
Hi All,
I am new to the security domain, and was looking for basic documentation which would help me in understanding what DMZ is, and what devices generally lie in that zone?
I have had experience in designing and configuring LAN/WAN devices, but needed to know how DMZ comes into picture in a corporate environment, and how does it connect to Internet/Backbone and other LAN/WAN services.
Would really appreciate if someone can point me to the right location/document.
Cheers
Mikey
05-13-2011 04:44 AM
Mikey,
DMZ is nothing but another interface configured on the firewall. We generally have two interfaces, inside and outside, inside being high security (generally your complete internal LAN) and outside being the internet interface (WAN interface). Now sometimes you might need to configure a third, mid-security-level interface, so you create a DMZ interface with security level 50 or 99. Generally people prefer placing their servers on the DMZ interface, so that internal users can access them. Logically it is nothing but another interface on the firewall; it's just a name given to it. You can name it anything else; it's just the logic of security level that it is allowed.
By default the firewall implicitly allows going from high security to low and denies low to high.
You might wanna go through this doc for NAT/PAT on firewall:
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008046f31a.shtml
Thanks,
Varun
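The three-interface layout described in the post above, as an added ASA configuration sketch that is not part of the original thread or of the linked Cisco documents. Interface numbers, ACL names and all addresses are constructed (documentation ranges), the DMZ is assumed to use routable addresses so NAT is left out, and the ASA routes between its directly connected interfaces.

```cisco
! Constructed example: interface numbers, names and addresses are assumptions.
interface GigabitEthernet0/0
 nameif outside
 security-level 0
 ip address 198.51.100.2 255.255.255.0
 no shutdown
!
interface GigabitEthernet0/1
 nameif inside
 security-level 100
 ip address 10.10.10.1 255.255.255.0
 no shutdown
!
interface GigabitEthernet0/2
 nameif dmz
 security-level 50
 ip address 203.0.113.1 255.255.255.0
 no shutdown
!
! outside (0) -> dmz (50) is low -> high and denied by default,
! so publishing a DMZ web server needs an explicit permit.
access-list OUTSIDE_IN extended permit tcp any host 203.0.113.10 eq 443
access-group OUTSIDE_IN in interface outside
!
! dmz (50) -> inside (100) is also low -> high. Permit only the one flow
! the DMZ server needs (here a hypothetical database host), block the
! rest of the inside network, then keep dmz -> outside working.
access-list DMZ_IN extended permit tcp host 203.0.113.10 host 10.10.10.20 eq 1433
access-list DMZ_IN extended deny ip any 10.10.10.0 255.255.255.0
access-list DMZ_IN extended permit ip any any
access-group DMZ_IN in interface dmz
!
! inside (100) has no ACL applied, so inside -> dmz and inside -> outside
! pass under the implicit high -> low rule.
```

Once an ACL is applied inbound on an interface, that ACL (with its implicit deny at the end) decides traffic arriving there instead of the implicit high-to-low permit, which is why `DMZ_IN` ends with an explicit permit.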
05-13-2011 04:49 AM
By the way DMZ is DeMilitarized Zone
Have a look at these config examples as well:
http://www.cisco.com/en/US/products/ps6120/prod_configuration_examples_list.html
Let me know if you are looking for something else.
Thanks,
Varun
05-13-2011 06:10 AM
Hey Varun,
Thanks for ya reply. I am looking for some documentation which details me about the connectivity between LAN and DMZ zones.
1) When they talk about servers lying on the DMZ, how are they connected? What is a DMZ Vlan?
I have seen in companies, the service desks and NOC placed in the DMZ zone. I needed to know how they are connected back to the local LAN/WAN in that site? Any standards to it?
More importantly, how does the traffic flow across it? How and where is routing enabled to enable the traffic flow from inside DMZ?
Are there any documents which talk about all these concepts and designs while explaining the nitty gritty details about traffic flows.
Cheers
Mikey
05-13-2011 06:16 AM
Mikey,
Here is a basic configuration guide for ASA:
http://www.cisco.com/en/US/customer/docs/security/asa/asa82/configuration/guide/config.html
Here is the command reference for the ASA:
http://www.cisco.com/en/US/customer/docs/security/asa/asa82/command/reference/cmd_ref.html
Let me know if you were looking for this.
Thanks,
Varun
05-13-2011 06:17 AM
Don't get confused with the term DMZ, it could be anything, it's up to you what you name it.
Varun
05-13-2011 06:29 AM
Thanks Varun. I guess I can get started with these docs as of now.
Cheers
Mikey
05-13-2011 06:31 AM
Not a problem, if you need any further help, you can let me know on this thread.
Thanks,
Varun