Link to home
Start Free TrialLog in
Avatar of techmiss
techmissFlag for United Kingdom of Great Britain and Northern Ireland

asked on

DMZ & Domain Servers

Hi all,

I have a webserver that is a member of my Windows domain.

I plan to move this webserver onto my DMZ, is it safe to leave this server on the domain (although the relevant firewall ports will not be open to the DC) or is it best practice to remove it first?

I only wonder what information could get from a member server if malicious access was obtained?

Cheers

K
Avatar of Mike
Mike
Flag of United States of America image

If it's just a member server you should be alright.  Just make sure it's patched and updated.
ASKER CERTIFIED SOLUTION
Avatar of ArneLovius
ArneLovius
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of techmiss

ASKER

It's a webserver so for best practice sakes I'm going to put it on DMZ.

When built as a member server it was never intended to go on a DMZ else I wouldn't have joined it.

I will put it on DMZ as is short term then remove it at a later date I think...

K
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Hello,

I would suggest to go with DMZ by removing member of domain. Because if your web server compromised, attacker can get hold of your domain network and ultimately domain controller.

Regards,
Sanjay Santoki