
DMZ architecture

aymerick.dumas
Level 1

I am building a new LAN in my company and we need to include one or several DMZs.

Does anyone have a document explaining the purpose and methods for building a DMZ?

Thanks

1 Reply

a.kiprawih
Level 7

A DMZ can be regarded as a transit/neutral area to limit external users/traffic coming into any network. Access is typically terminated at servers/services hosted in this area. This is to prevent the internal network from being directly accessed by outsiders, as the internal network is viewed as the most secure place in your network and must be protected accordingly.

Typically, you need to do address translation when allowing traffic from the DMZ to come into or talk to your internal resources. But in certain cases/scenarios, you can probably skip this.

The existence of several DMZs in a network is meant to host different groups of services/servers/resources, i.e. DMZ1 to host common/general public web servers/portal, DMZ2 to host your VPN/remote access services, DMZ3 to host secure e-commerce servers/front-end servers, DMZ4 to host routers/links to extranet/partner networks, and so on.

This design allows you to contain traffic to an individual DMZ, prevent/limit threat escalation, and gives flexibility in network design.

There are many docs & guidelines for designing and creating a DMZ.

Ref:

http://www.cisco.com/en/US/products/ps6120/products_getting_started_guide_chapter09186a0080686104.html

http://www.bgpbook.com/introconceptsdmz.html

http://www.ssimail.com/Zoneguard.htm

http://support.microsoft.com/kb/191146

HTH

AK
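
The containment described in the reply above, as an added example that is not part of the original thread: a small Python check that flags permit rules which break a multi-DMZ layout. The zone names, the rule format and the sample rules are constructed for illustration, and rules are judged one by one without modelling first-match ordering.

```python
from typing import NamedTuple

class Rule(NamedTuple):
    src: str     # source zone
    dst: str     # destination zone
    port: str    # e.g. "tcp/443", or "any"
    action: str  # "permit" or "deny"

# Constructed zone names following the DMZ1..DMZ4 split in the reply above.
DMZS = {"dmz1-web", "dmz2-vpn", "dmz3-ecom", "dmz4-extranet"}

def audit(rules):
    """Return (index, reason) for each permit rule that breaks DMZ containment.

    Simplification: rules are judged one by one; first-match ordering and
    shadowing by earlier rules are not modelled.
    """
    findings = []
    for i, r in enumerate(rules):
        if r.action != "permit":
            continue
        if r.src == "outside" and r.dst == "inside":
            findings.append((i, "outside reaches inside directly, bypassing the DMZ"))
        elif r.src in DMZS and r.dst in DMZS and r.src != r.dst:
            findings.append((i, "DMZ-to-DMZ flow breaks per-DMZ containment"))
        elif r.src in DMZS and r.dst == "inside" and r.port == "any":
            findings.append((i, "DMZ-to-inside flow is not limited to one service"))
    return findings

# Constructed sample policy, not taken from any real device.
SAMPLE_RULES = [
    Rule("outside", "dmz1-web", "tcp/443", "permit"),    # public web: fine
    Rule("outside", "dmz2-vpn", "udp/500", "permit"),    # remote access: fine
    Rule("dmz3-ecom", "inside", "tcp/1433", "permit"),   # front end to one DB port
    Rule("outside", "inside", "tcp/3389", "permit"),     # finding
    Rule("dmz1-web", "dmz3-ecom", "tcp/22", "permit"),   # finding
    Rule("dmz4-extranet", "inside", "any", "permit"),    # finding
    Rule("outside", "inside", "any", "deny"),            # explicit deny: fine
]

if __name__ == "__main__":
    for idx, reason in audit(SAMPLE_RULES):
        print(f"rule {idx} {SAMPLE_RULES[idx]}: {reason}")
```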