Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 333
  • Last Modified:

Why DMZ proxy's are more secure

I had asked a slightly different question previously, but I need clarification

Why would a Proxy on a DMZ be more secure than a port forwarding from the firewall
0
Anthony Lucia
Asked:
Anthony Lucia
1 Solution
 
achaldaveCommented:
DMZ proxy adds extra layer of protection to your internal network, DMZ proxy can authenticate and validate requests before connect to internal server and returning back results. Some of the proxies can also monitor requests and block any malicious data (e.g. Cisco web app firewall). Port forwarding on the other hand simply forwards requests to internal server without validating or authenticating the request so it is simply direct access to your internal server, a compromised internal server means your whole network is compromised and hackers can potentially access any resource on your internal network, a compromised DMZ proxy limits this to DMZ network and with proper security  on DMZ network can further limit it to just DMZ server. In case of denial of service attack the only server will suffer outage will be your DMZ proxy but if there isn't any and you are using port forwarding the DoS attack will bring down your internal server and your internal users won't be able to access the resources on the server.
Theoretically  anything connected to internet can be hacked but adding DMZ proxy increases the process and may give you enough time to respond to such threat.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now