DSN service for Workgroup servers in DMZ

CProp
CProp used Ask the Experts™
on
Hello
I have a question to see if there's a security risk in the way I have DNS configured.
Here's my setup:

Concerning the DNS entries in TCP/IP, would you have any issues with this setup:
I have a couple of Windows 2003 servers (IIS + SQL) sitting on DMZ setup as a workgroup. They communicate with each other with their host files. However, DNS entries in TCP/IP settings are configured as 8.8.8.8 as preferred DNS server and 8.8.4.4 as Alternate.
This is done, so they can get Microsoft updates, virus updates and any other software patch/fix/upgrades that are required.

Internal client accessing  the website (IIS) access it through public IP of website.

Is this setup ok for external name resolution, or should I still configure DNS through network services and configure Forwarders to 8.8.8.8 or my ISP DNS servers?

The two servers do sit behind a firewall.

Thanks in advance for your help.

CP
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Commented:
DNS Queries to outside servers are ok.  The only thing would be if one of the external DNS servers spoofed an address.  Which is less likely when using Google or OpenDNS as your DNS lookup.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial