Port Forwarding or DMZ

Posted on 2004-09-30
Last Modified: 2013-11-16
Hello all, My network is currently using NAT with a basic sonicwalll pro 100 firewall. I have 2 new webservers to implement. i am going to purchase a cisco 515e. This is kind of my first time setting up webservers on a network. Is it better to set them on a DMZ or have it sit behind the firewall and have the ports forwarded? all advice is appreciated.
Question by:mrlucio79
  • 3
  • 3
LVL 79

Expert Comment

ID: 12191704
It is always considered best practice to put any server that is publicly accessible on a DMZ.

Author Comment

ID: 12192614
How many DMZs can the Cisco 515E handle? What do you think about this setup:

Internet<------>external router<------>Webserver(DMZ)<------>Firewall<------>internal router
LVL 79

Accepted Solution

lrmoore earned 125 total points
ID: 12192882
The 515 can handle up to 6 interfaces, or 4 DMZ's

  PIX Outside           Whatever you want the DMZ's to be....this is just an example
            DMZ1 ----- Web servers
            DMZ2 ----- Extranet connections
            DMZ3 ----- Special purpose servers (VPN)
            DMZ4 ----- reserved for future use
   PIX inside
    Internal network
    Internal router ----- intranet WAN remote sites
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.


Author Comment

ID: 12192926
Nice description! :0)  Here is a very stupid question though: Is it possible that I could hook a cisco switch into DMZ1 to host mutliple web servers?
LVL 79

Expert Comment

ID: 12192935
Absolutely! You can connect any interface to a switch. You can have 1000 servers on any DMZ that you want...

Author Comment

ID: 12192955
gotcha. This is great info. Thanks!!!

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Need basic content filtering for open access wireless in business location 3 45
Probable TCP NULL scan detected 10 229
Sonicwall Traffic 17 82
Which the best UTM recommended ? 2 67
Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

930 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now