Link to home
Start Free TrialLog in
Avatar of Anthony Lucia
Anthony Lucia

asked on

DMZ features

Other than hosting reverse proxy's and DNS, what other utilities would be contained within a DMZ

Thanks
Avatar of Narender Gakka
Narender Gakka
Flag of United Kingdom of Great Britain and Northern Ireland image
to keep it simple all the public facing servers are placed in the DMZ network for obvious security reasons, and from DMZ to your LAN only the ports needed will be open that too passing the traffic through the secure IDS/IPS appliances to detect any threats.

but more info the below links :
http://en.wikipedia.org/wiki/DMZ_(computing)

and a video on physical network segmentation :
http://www.youtube.com/watch?v=cLNCYg5RorY
Avatar of Anthony Lucia
Anthony Lucia

ASKER

That is an excellent anser, but I need to ask one more thing

Why put a ftp server, or a mail server into a DMZ.  Both servers will have to access a mail or ftp server on the host on the other size of the DMZ.  In other words, would this not just be a passthru ?
ASKER CERTIFIED SOLUTION
Avatar of Narender Gakka
Narender Gakka
Flag of United Kingdom of Great Britain and Northern Ireland image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Tintin
Tintin
Why put a ftp server, or a mail server into a DMZ.  Both servers will have to access a mail or ftp server on the host on the other size of the DMZ.  In other words, would this not just be a passthru ?

In most cases, a FTP server in the DMZ will have no inbound access to servers on your internal networks.

Files are usually transferred to the DMZ FTP server by a one way push from the internal network to the DMZ.