Steven Busher
asked on
Need help with a DMZ type situation
Hey guys and gals. I have a situation where my client has 2 scientific devices attached to PCs that simply cannot run AV software . We will call them HYDRA devices. We do not want any devices on the network without AV. The problem is these devices generate and send data to a share on a server called DMZ1. The data is then pulled to a third location that IS on the internal network. I know the simple answer here is remove the gateway from the HYDRA devices so they cant get online but that's not possible. My goal is to put the Hydra devices and DMZ1 in a DMZ type environment. DMZ can run AV with no problem. Any suggestions and does this make sense at all?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Jeff Brown
if you use static addressing on network 1 you will not need additional settings. You may possibly need two switches or a switch with vlan capabilities depending upon how picky hydra devices are.
ASKER
Hi Wildstar,
Thanks for the reply. This makes sense and I can do that no problem but the only issue is the makers of Hydra need to periodically connect to the devices to install updates or fix problems. I guess I could have them connect to the DMZ server then internally RDP to Hydra right?
Thanks for the reply. This makes sense and I can do that no problem but the only issue is the makers of Hydra need to periodically connect to the devices to install updates or fix problems. I guess I could have them connect to the DMZ server then internally RDP to Hydra right?
correct any outside action would need to go through your av equipped box that can communicate to both networks and the outside. if they need direct contact for what ever reason you would need to put them on the main network to access them.
ASKER
quick, accurate help. Laid it out for me so it was easy to understand and wasn't condescending.