Solved

Why DMZ proxy's are more secure

Posted on 2014-04-02
1
308 Views
Last Modified: 2014-04-02
I had asked a slightly different question previously, but I need clarification

Why would a Proxy on a DMZ be more secure than a port forwarding from the firewall
0
Comment
Question by:Anthony Lucia
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 15

Accepted Solution

by:
achaldave earned 500 total points
ID: 39972551
DMZ proxy adds extra layer of protection to your internal network, DMZ proxy can authenticate and validate requests before connect to internal server and returning back results. Some of the proxies can also monitor requests and block any malicious data (e.g. Cisco web app firewall). Port forwarding on the other hand simply forwards requests to internal server without validating or authenticating the request so it is simply direct access to your internal server, a compromised internal server means your whole network is compromised and hackers can potentially access any resource on your internal network, a compromised DMZ proxy limits this to DMZ network and with proper security  on DMZ network can further limit it to just DMZ server. In case of denial of service attack the only server will suffer outage will be your DMZ proxy but if there isn't any and you are using port forwarding the DoS attack will bring down your internal server and your internal users won't be able to access the resources on the server.
Theoretically  anything connected to internet can be hacked but adding DMZ proxy increases the process and may give you enough time to respond to such threat.
0

Featured Post

Surfing Is Meant To Be Done Outdoors

Featuring its rugged IP67 compliant exterior and delivering broad, fast, and reliable Wi-Fi coverage, the AP322 is the ideal solution for the outdoors. Manage this AP with either a Firebox as a gateway controller, or with the Wi-Fi Cloud for an expanded set of management features

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ActiveWorkbook.Save, with  no security message? 5 57
How to detect attacks on AWS (ie shimming, Blue Pill, Hyper jumping, etc) 2 131
Home security 15 66
harden EXCH2013 7 58
OnPage: Incident management and secure messaging on your smartphone
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question