+ Reply to Thread
Results 1 to 5 of 5

Thread: DMZ?

  1. January 26th, 2004, 03:00 PM #1
    blubomber
    blubomber is offline
    Ultimate Member blubomber's Avatar
    Join Date
    Oct 2001
    Location
    Reno, NV
    Posts
    1,624
    Send a message via MSN to blubomber Send a message via Yahoo to blubomber

    Question DMZ?

     
    I am shopping around for a new Gateway/Firewall for my company. One thing that i have noticed is that firewall manufacturers are now offering a DMZ port on the firewall appliance. DMZ is for Demiliterized Zone. And from what i understand, you would hook up your web, mail, and other published servers on you private LAN to this port so that they can be accessible from the internet. And, at the same time, they would be somehow separated from your other servers you want to keep safe. It does sound like a good idea.

    When did this DMZ concept first get addapted to firewall appliances (is this something new) and is anyone implementing this type of setup?

    Just curious.
    Reply With Quote Reply With Quote
  2. January 26th, 2004, 03:06 PM #2
    vass0922
    vass0922 is offline
    Not Really a Member
    Join Date
    Oct 2001
    Posts
    27,856
    Ya lots of people put up DMZ's to seperate their internet servers from the rest of the server population.

    It IS a good idea
    The idea is

    Internal can see external servers (traffic from internal servers to external allowed), but not vice versa (you can't even ping a internal server from the dmz).

    That way if somebody hacks into the box, they can't go much farther than that.
    You'd only allow for a VERY minor amount of traffic to go through, ie. for SQL queries or exchange if its an OWA box.
    Then of course you limit it to a specific type of traffic as well.

    They've been around for awhile, linksys routers typically come with one DMZ option where you can set one IP as a DMZ box ... usually for putting up a game server or something.
    Helicopters don't fly; they vibrate so much and make so much noise that the earth rejects them.
    Reply With Quote Reply With Quote
  3. January 27th, 2004, 12:27 PM #3
    willy_ph
    willy_ph is offline
    Ultimate Member willy_ph's Avatar
    Join Date
    Oct 2001
    Location
    Trent University
    Posts
    2,414
    As vass already noted, linksys routers allow one to DMZ one IP address. This is accomplished through the web-based management software built-in to the router itself.
    The difficulty is to try and teach the multitude that something can be true and untrue at the same time. -- Arthur Schopenhauer
    Reply With Quote Reply With Quote
  4. January 27th, 2004, 10:23 PM #4
    wfs
    wfs is offline
    Junior Member
    Join Date
    Jan 2004
    Posts
    23

    Talking

    I'm sure you guys know a he*l of alot more about this than me but I'll throw this out anyway - D-Link and Belkin have the same option. Now I just know what it is for
    Reply With Quote Reply With Quote
  5. January 27th, 2004, 10:33 PM #5
    Mickwish
    Mickwish is offline
    Swine flu stopper Mickwish's Avatar
    Join Date
    Dec 2001
    Location
    BrisVegas, Australia
    Posts
    11,748
    Blog Entries
    1
    DMZ is a great idea! Got one set up with my IPCop router/firewall. Keeps the internet "open" box out of the LAN, so even if it gets hacked it can only get into that box, nowhere else. Got my web/mail/ftp server on it.

    You can set what are called "pinholes" between the DMZ and LAN if you need to, eg for access to a SQL database or something.

    Very useful, IMO.

    Cheers
    Mick
    I don't like sigs on forums like this.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may post new threads
  • You may post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules

Recommended Sites: ResellerRatings Store Reviews