First of all let me say that I am by no means a security expert but I am trying to find alternatives to DMZs. It seems to me that if I put a Web Server in a DMZ that has to query another server off the inside interface, then I have defeated the purpose of the DMZ in the first place. I have seen the options for RODCs, different domains, etc. I just wanted to get an idea of what people are doing these days. I can't see major corporations or high security networks depending on DMZs as the end all to be all for seperating "expendable" and critical machines. Any and all input is greatly appreciated.
1 reply to this topic
Posted 02 August 2012 - 09:46 PM
From a security point of view, I would setup a VPN to VPN site connectivity, instead of placing the servers in a DMZ, this will give the servers more protection against external attacks, also the communication between the two locations will be encrypted, so no man-in-the-middle attacks.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users