On 25 Jul 99, at 21:12, Somebody Somewhere wrote:
> Is it a better idea to set up the proxy and DNS servers on an internal
> network or on a DMZ?
Proxy, I would put in the DMZ -- then the only connections to your inner
servers that transit the firewall are between them and the proxy. I don't
see an internal proxy doing much good.
DNS that answers external queries should be in the DMZ. If your internal
servers use DNS to locate each other, provide an internal DNS as well, that
quereies the DMZ DNS for any non-local requests. External requests should
never come to the internal DNS.
David G
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
