Solved

Best practice in updating the server in DMZ

Posted on 2010-08-25
3
680 Views
Last Modified: 2012-05-10
Hi All,

I've got several DMZ Windows server that I'd like to know how to update them, it is serving as terminal server and the webserver with only port 443 and 80 & 8080 opened to the internet with port 1521 for database connection.

I do have WSUS in place and already working fine in the internal domain, how do people usually do their patching for the DMZ servers ?

Any idea would be greatly appreciated.

Thanks,
JJ
0
Comment
Question by:jjoz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 10

Accepted Solution

by:
rscottvan earned 500 total points
ID: 33528093
What constraints do you have regarding network security?  Do you control the network or only servers?  What is company policy about DMZ and Inside zones interaction?

You could open the needed ports from the inside to the DMZ, only for the WSUS server.

Or, for only a handful, it might be easier to do manually.
0
 
LVL 1

Author Comment

by:jjoz
ID: 33528133
yes, that is what I'm thinking of opening that port 8530.

the policy is that this terminal access server is the interface for the 3rd party consultant and user to perform some task into our system only.
0
 
LVL 10

Assisted Solution

by:rscottvan
rscottvan earned 500 total points
ID: 33528281
If there's no restriction on allowing 8530 between Inside and DMZ, I think best practice would be to use your existing management strategy for DMZ servers just like internal servers.
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Australian government abolished Visa 457 earlier this April and this article describes how this decision might affect Australian IT scene and IT experts.
Postmortem reporting allow us to examine mistakes in a way that focuses on the situational aspects of a failure’s mechanism and the decision-making process of individuals proximate to the failure. Read our guide on how to handle IT post-mortem repor…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question