Adding DMZ Servers to internal domain
Posted on 2011-02-17
Quirky question - currently we have our internal domain, a DMZ in its own workgroup, and a
router/firewall connecting the two. We have ACLs limiting the connectivity between the two,
and I was wondering whether, because of those ACLs, I'd be OK to add our servers in our DMZ
to our internal domain. I.e., we'd open up traffic on port 389 (LDAP) and port 53 (DNS) and leave
the rest blocked. Would that cause an absurd lack of security?