• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 305
  • Last Modified:

Is this secure? A Networking Challenge

PLEASE help, I am going to ameeting with this proposal and I know some security people will tear me apart.  So any tips much appreciated.
Check out the diagram http://www.geocities.com/chris11.rm/network.jpg

Server A uploads to Server B updated images over a VPN IPSEC DSL connection; I have no question regarding this security.

Server A – Primary Location - Win 2000 server with 2 nics, one connecting to local LAN, the other connecting to a DSL router,

Server B – Remote location - Win 2000 server with one nic connected to the DSL router.

The current setup allows for viewing of images from server B only, there is no access to the remote location’s LAN.

Objective:  Allow for secure viewing of images from computers on the LAN side of server B, while not allowing for traffic to traverse to Server A LAN side or Server A for that matter.  Also the reverse, no access from the LAN side of Server A to the LAN side of server B.

Propose:  What I proposed was to add a second nic to the server b side, is this the best approach?

Thanks for any challenges.
1 Solution
Sounds like a good plan. Add a second NIC to server B and also make sure you have routing disabled on the OS you are running. You just have to turn off a few registry keys on Windows 2000

For added security, you can also install a personal firewall such as zone alarm pro or black ice defender.

Rich RumbleSecurity SamuraiCommented:
The windows IPSEC firewall can get your communications secure from one host to another, and even firewall all others, so there is no routing between the two.
It's a useful tool.
n_athenAuthor Commented:
Some clarification:
The communication from Server A to Server B is secure and does not need any more improvement.

The problem is that the LAN side of Server B needs to access Server B as if it was an internal web site.  
The company on server B side needs confirmation that there is no way anybody from Sever A can jump across to  the LAN side of Server B.

I hope this is clearer...

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

WEBINAR: GDPR Implemented - Tips & Lessons Learned

Join the WatchGuard team on Thursday, March 29th as we recount some valuable lessons learned in weighing the needs of a business against the new regulatory environment, look ahead at the two months left before implementation, and help you understand the steps you can take today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now