Solved

Best practice in updating the server in DMZ

Posted on 2010-08-25
3
675 Views
Last Modified: 2012-05-10
Hi All,

I've got several DMZ Windows server that I'd like to know how to update them, it is serving as terminal server and the webserver with only port 443 and 80 & 8080 opened to the internet with port 1521 for database connection.

I do have WSUS in place and already working fine in the internal domain, how do people usually do their patching for the DMZ servers ?

Any idea would be greatly appreciated.

Thanks,
JJ
0
Comment
Question by:jjoz
  • 2
3 Comments
 
LVL 10

Accepted Solution

by:
rscottvan earned 500 total points
Comment Utility
What constraints do you have regarding network security?  Do you control the network or only servers?  What is company policy about DMZ and Inside zones interaction?

You could open the needed ports from the inside to the DMZ, only for the WSUS server.

Or, for only a handful, it might be easier to do manually.
0
 
LVL 1

Author Comment

by:jjoz
Comment Utility
yes, that is what I'm thinking of opening that port 8530.

the policy is that this terminal access server is the interface for the 3rd party consultant and user to perform some task into our system only.
0
 
LVL 10

Assisted Solution

by:rscottvan
rscottvan earned 500 total points
Comment Utility
If there's no restriction on allowing 8530 between Inside and DMZ, I think best practice would be to use your existing management strategy for DMZ servers just like internal servers.
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Join & Write a Comment

Email signature management is something that is often overlooked in many organizations or is simply not implemented effectively. Let's take a look at what methods are available for managing this important piece of corporate branding.
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now