Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

DMZ VS. One to One NAT

Posted on 2004-10-16
3
Medium Priority
?
321 Views
Last Modified: 2010-05-18
I have a couple questions about setting up Windows 2k servers.  
1)  What are the security differences between using One-to-One NAT through a Sonicwall Firewall and Using dual NIC servers utilizing the DMZ port (as well as an internal connection)?
2)  I have monitoring software running on the server and when set up utilizing the DMZ and and internal connection (dual NIC)the server fails when trying to monitor internal resources?
3)  When running Poject Web Access will I have problems with Domain Authentication when accessing through DMZ from an external address.
0
Comment
Question by:chadman66
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 15

Accepted Solution

by:
adamdrayer earned 750 total points
ID: 12328910
>>Using dual NIC servers utilizing the DMZ port (as well as an internal connection)?

This is not advisable.  The DMZ (DeMilitarized Zone) has very little or no security from the internet.  The Firewall does very little to block any hurtful requests.  You should NOT connect this computer physically to the internal network.  All communications in and out of the internal network needs to be forced through the firewall.  Connecting your internal network to the DMZ basically invalidates the security of the firewall.  
0
 

Author Comment

by:chadman66
ID: 12329169
If a computer is setup with a dual NIC, one on the internal Network and one one the DMZ and the computer is infected by a virus\trojan\worm would the internal network be at risk of this infection?
0
 
LVL 15

Expert Comment

by:adamdrayer
ID: 12329319
yep.  actually, connecting the DMZ to the internal network sorta makes every single computer on the network "in the DMZ" by definition.  internal networks should have well defined boundries on all sides by firewalls.
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

FIPS stands for the Federal Information Processing Standardisation and FIPS 140-2 is a collection of standards that are generically associated with hardware and software cryptography. In most cases, people can refer to this as the method of encrypti…
A common practice in small networks is making file sharing easy which works extremely well when intra-network security is not an issue. In essence, everyone, that is "Everyone", is given access to all of the shared files - often the entire C: drive …
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
In response to a need for security and privacy, and to continue fostering an environment members can turn to for support, solutions, and education, Experts Exchange has created anonymous question capabilities. This new feature is available to our Pr…

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question