stamperb
asked on
DMZ Question
In most of the networks I've worked with things have been small. So either there has been no DMZ or a very small one. In all of them all of the services were NAT'd to from External (public) IP's that lived on the firewall. So a web server would have an external IP on the firewall that simply had a port forward to its internal (private) ip. What i'm curious about is how in a large network does the DMZ work. If you have 30 web server 10 mail servers. Each of them needs to be placed in the DMZ? Is everything still NAT'd with ports forwarded thru to the servers? Or do the servers all get their own public IP? And if they do how do you get the trafic routed so it gets to the servers? I mean a ds-3 (or other line) comes in from the internet with a full public class C. It hits the firewall but how then does it get to the servers unless the firewall has all the IP's on its external side. I hope this makes since.
Last Comment
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
Hardware Firewalls
Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.
25K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
