Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


How to configure DMZ Backup - dual NIC - security

Posted on 2009-05-01
Medium Priority
Last Modified: 2013-12-04
Want to create a separate backup network to offload traffic on production network. Multiple servers will have dual-NIC's' one for production network and one for dedicated backup network. Backup NIC's will be wired to a separate physical unmanaged GB switch and live on a separate IP subnet, without a default gateway defined. Backup Exec 11d is used for backup. I need to know the best way to secure our production servers with this setup. Is it secure to use the windows firewall along with IP filtering in IP properties. Just looking for thoughts on that as well as other security measures I should consider.
Question by:emsed
  • 3
  • 2

Expert Comment

ID: 24278930
Just to clarify you are asking about the setup for the backup network connected to the DMZ or for the entire design and setup

Author Comment

ID: 24279182
Not the entire design, unless what I am doing is way off. The production DMZ network is setup and isolated by a corporate firewall, all security in place. Adding (2nd) NIC's to the servers for backup and then connecting all these servers to a separate physical switch raised security concerns for me. So, I am focused on setup of the backup network and security.

Accepted Solution

Multipath earned 1000 total points
ID: 24281250
Might I suggest an iptables firewall for seperation so you can keep using you existing architecture and buisness continuity with out sacrafising the security setup you are trying to achieve.  Also remember that a firewall is only as good as it's rulebase.  

Author Comment

ID: 24281420
My expertise is in Windows (16 years), not much in Linux but I'm sure I could use it if Im convinced thats the way to go. I would have used our production firewall but the ports are only 100MB and that will hurt my GB throughput backup network. If I were to go with this solution, I'm not sure I would know how to setup the network portion, etc because of my lack of experience with Linux. Thank you for your suggestion.

Author Comment

ID: 24297017
OK, does anyone know of a good and inexpensive firewall I can purchase to secure my DMZ backup traffic from my internal backup server. I would want GB port speeds as well. Thank you in advance..

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
"Any files you do not have backed up in at least two [other] places are files you do not care about."
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question