About DMZ zones


Dear all,

I have one PIX 515 firewalls, I want to know about the use of DMZ ports ??
javeed_ccnaAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Tim HolmanConnect With a Mentor Commented:
An example may help - here's a Cisco PIX one with a mail server running on the DMZ -

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008015efa9.shtml
0
 
Tim HolmanCommented:
What do you need to know ?
Think of this as another internal port - you can assign it a different IP address / network range, and setup policies, NAT etc, just as you would your inside port.
0
 
bloemkool1980Connect With a Mentor Commented:
I partly agree with Tim. But a DMZ is a zone that if accessible by the outside it should not be able to initiate a connection towards your LAN.
Meaning that if you put your webserver in a DMZ this server can be accessed through the outside but the webserver should not be allowed to make a connection to the LAN. However the inside should be able to access the webserver eventually but this can only be allowed if the connection is initiated by the inside.
The reverse is also possible, if a DMZ access the LAN it should not be possible to access this DMZ directly from a untrusted zone such as teh Outisde
0
 
javeed_ccnaAuthor Commented:
Can u give me any good link about his topic in depth ?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.