Allowing Port 80 from a DMZ server to outside for updates

thomuff
Level 3

Today, we have a Web server sitting on a DMZ allowing only 80 and 443 from the outside world. This Web server is not allowed to initiate traffic from the DMZ to the outside world. Is there any risk in allowing port 80 traffic to the outside world from this web server to get updates?

1 Reply

mmorris11
Level 4

There are always risks when exposing a machine to a network, of course, but the particular risk for you is that it is possible for the machine to download malware and such. If it becomes a zombie, it could do bad things in an automated fashion. These are but a couple. If your needs are very vertical and you know you only want the box to fetch updates via HTTP from a few known IP addresses, then it is a simple matter to restrict your host to only get HTTP from those hosts.

HTH

-pls rate if helpful
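
The restriction described in the reply, as an added example that is not part of the thread: a small Python audit that applies an "HTTP only, to approved update hosts only" egress policy to DMZ-initiated flow records and lists everything the policy would deny. The server address, update-host list, and flow-record format are constructed assumptions using documentation address ranges.

```python
import ipaddress

# Constructed values (assumptions, not from the thread).
WEB_SERVER = ipaddress.ip_address("192.0.2.10")            # DMZ web server
UPDATE_HOSTS = [ipaddress.ip_network("198.51.100.20/32"),  # approved update sources
                ipaddress.ip_network("203.0.113.0/28")]

# Constructed flow records, one per line: "src dst dport proto"
SAMPLE_FLOWS = """\
192.0.2.10 198.51.100.20 80 tcp
192.0.2.10 203.0.113.5 80 tcp
192.0.2.10 203.0.113.77 80 tcp
192.0.2.10 198.51.100.20 443 tcp
192.0.2.10 198.51.100.99 6667 tcp
192.0.2.50 198.51.100.99 80 tcp
malformed line
"""

def evaluate(flow_line):
    """Return (verdict, reason) for one outbound flow under the egress policy."""
    parts = flow_line.split()
    if len(parts) != 4:
        return ("skip", "unparseable")
    try:
        src = ipaddress.ip_address(parts[0])
        dst = ipaddress.ip_address(parts[1])
        dport = int(parts[2])
    except ValueError:
        return ("skip", "unparseable")
    if src != WEB_SERVER:
        return ("skip", "not the web server")
    if parts[3].lower() != "tcp" or dport != 80:
        return ("deny", "port/protocol not permitted outbound")
    if not any(dst in net for net in UPDATE_HOSTS):
        return ("deny", "destination not an approved update host")
    return ("permit", "HTTP to approved update host")

def audit(text):
    """Evaluate every web-server flow; returns a list of (line, verdict, reason)."""
    checked = [(line, *evaluate(line)) for line in text.splitlines() if line.strip()]
    return [row for row in checked if row[1] != "skip"]

def violations(text):
    """Flows from the web server that the restricted policy would block."""
    return [row for row in audit(text) if row[1] == "deny"]

if __name__ == "__main__":
    for line, verdict, reason in audit(SAMPLE_FLOWS):
        print(f"{verdict:6} {line}  ({reason})")
```

Running the same check over real firewall logs before tightening the rule shows which destinations the server already contacts, and afterwards any denied flow is worth investigating as a sign of compromise.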