Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Why DMZ proxy's are more secure

Posted on 2014-04-02
1
Medium Priority
?
319 Views
Last Modified: 2014-04-02
I had asked a slightly different question previously, but I need clarification

Why would a Proxy on a DMZ be more secure than a port forwarding from the firewall
0
Comment
Question by:Anthony Lucia
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 15

Accepted Solution

by:
achaldave earned 2000 total points
ID: 39972551
DMZ proxy adds extra layer of protection to your internal network, DMZ proxy can authenticate and validate requests before connect to internal server and returning back results. Some of the proxies can also monitor requests and block any malicious data (e.g. Cisco web app firewall). Port forwarding on the other hand simply forwards requests to internal server without validating or authenticating the request so it is simply direct access to your internal server, a compromised internal server means your whole network is compromised and hackers can potentially access any resource on your internal network, a compromised DMZ proxy limits this to DMZ network and with proper security  on DMZ network can further limit it to just DMZ server. In case of denial of service attack the only server will suffer outage will be your DMZ proxy but if there isn't any and you are using port forwarding the DoS attack will bring down your internal server and your internal users won't be able to access the resources on the server.
Theoretically  anything connected to internet can be hacked but adding DMZ proxy increases the process and may give you enough time to respond to such threat.
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

With the rising number of cyber attacks in recent years, keeping your personal data safe has become more important than ever. The tips outlined in this article will help you keep your identitfy safe.
IF you are either unfamiliar with rootkits, or want to know more about them, read on ....
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question