• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 683
  • Last Modified:

Best practice in updating the server in DMZ

Hi All,

I've got several DMZ Windows server that I'd like to know how to update them, it is serving as terminal server and the webserver with only port 443 and 80 & 8080 opened to the internet with port 1521 for database connection.

I do have WSUS in place and already working fine in the internal domain, how do people usually do their patching for the DMZ servers ?

Any idea would be greatly appreciated.

Thanks,
JJ
0
jjoz
Asked:
jjoz
  • 2
2 Solutions
 
rscottvanCommented:
What constraints do you have regarding network security?  Do you control the network or only servers?  What is company policy about DMZ and Inside zones interaction?

You could open the needed ports from the inside to the DMZ, only for the WSUS server.

Or, for only a handful, it might be easier to do manually.
0
 
jjozAuthor Commented:
yes, that is what I'm thinking of opening that port 8530.

the policy is that this terminal access server is the interface for the 3rd party consultant and user to perform some task into our system only.
0
 
rscottvanCommented:
If there's no restriction on allowing 8530 between Inside and DMZ, I think best practice would be to use your existing management strategy for DMZ servers just like internal servers.
0

Featured Post

Veeam and MySQL: How to Perform Backup & Recovery

MySQL and the MariaDB variant are among the most used databases in Linux environments, and many critical applications support their data on them. Watch this recorded webinar to find out how Veeam Backup & Replication allows you to get consistent backups of MySQL databases.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now