handymanaly
asked on
DNS server security in a DMZ
Regarding the DNS servers in the DMZ. Generally is it best not use Active Directory (domain controller) for the DNS server in the DMZ and leave it as a workgroup. Employees that troubleshoot this DMZ would have to go outside the firewall and use a public IP.
There may be one or two DNS servers that hold the zones used by the public.
A DC would provide better security but is it necessary?
There may be one or two DNS servers that hold the zones used by the public.
A DC would provide better security but is it necessary?
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
One thing puzzles me handy: why do you say 'A DC would provide better security'? I just can't grasp what you mean with that so I could overlook something essential in your question.
J.