?
Solved

Best practice in updating the server in DMZ

Posted on 2010-08-25
3
Medium Priority
?
681 Views
Last Modified: 2012-05-10
Hi All,

I've got several DMZ Windows server that I'd like to know how to update them, it is serving as terminal server and the webserver with only port 443 and 80 & 8080 opened to the internet with port 1521 for database connection.

I do have WSUS in place and already working fine in the internal domain, how do people usually do their patching for the DMZ servers ?

Any idea would be greatly appreciated.

Thanks,
JJ
0
Comment
Question by:jjoz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 10

Accepted Solution

by:
rscottvan earned 2000 total points
ID: 33528093
What constraints do you have regarding network security?  Do you control the network or only servers?  What is company policy about DMZ and Inside zones interaction?

You could open the needed ports from the inside to the DMZ, only for the WSUS server.

Or, for only a handful, it might be easier to do manually.
0
 
LVL 1

Author Comment

by:jjoz
ID: 33528133
yes, that is what I'm thinking of opening that port 8530.

the policy is that this terminal access server is the interface for the 3rd party consultant and user to perform some task into our system only.
0
 
LVL 10

Assisted Solution

by:rscottvan
rscottvan earned 2000 total points
ID: 33528281
If there's no restriction on allowing 8530 between Inside and DMZ, I think best practice would be to use your existing management strategy for DMZ servers just like internal servers.
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We take a look at some of the most common obstacles that IT teams run into as they work relentlessly to keep all the alarms and sirens from going off at once.
OnPage enhanced its integration with ConnectWise Manage to offer incident responders more control over the ticket and Incident Resolution Lifecycle.
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
Suggested Courses
Course of the Month8 days, 13 hours left to enroll

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question