Hi Roy,
By opening your firewall to the web server located on your LAN you've already
lost the battle. When your web server is compromised the attacker will already
be inside your trusted network. By placing your web server in your DMZ your
able to reduce the risk of compromise to your trusted network. Of course your
DMZ architecture is key, being able to deny all direct inbound traffic from the
web server to the trsuted net will be necessary for the above statement to be
true.
So in a nutshell you would be looking at something like this for it to be
effective:
<Screening router> ---------<WWW DMZ> -------- <FW Blocking all inbound
connectivity> ------- <Choke Router> ----------------- <Trusted Net>
(Not completely
necessary)
Hope this helps, (If FW is
application based)
--Neil
"Roy" <[EMAIL PROTECTED]> on 09/01/99 12:13:07 PM
Please respond to "Roy" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
cc: (bcc: Neil Buckley/Lycos)
Subject: Pros/Cons of WWW Server in LAN vs DMZ?
We have the option of placing a www app server outside our firewall, in the
DMZ or behind the firewall in our LAN by opening port 80 to the www app
server's IP address.
What are the pros and cons of placing it in the DMZ vs in the LAN?
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
att1.eml- Pros/Cons of WWW Server in LAN vs DMZ? Roy
- Re: Pros/Cons of WWW Server in LAN vs DMZ? Paul D. Robertson
- RE: Pros/Cons of WWW Server in LAN vs DMZ? David Markle
- RE: Pros/Cons of WWW Server in LAN Vs DMZ? Drennan, Richard
- RE: Pros/Cons of WWW Server in LAN vs DMZ? NBuckley
- RE: Pros/Cons of WWW Server in LAN vs DMZ? Ng, Kenneth (US)
- RE: Pros/Cons of WWW Server in LAN vs DMZ? Morse, Michael H.
- RE: Pros/Cons of WWW Server in LAN vs DMZ? Frederick M Avolio
- RE: Pros/Cons of WWW Server in LAN vs DMZ? Sam James
- RE: Pros/Cons of WWW Server in LAN vs DMZ? Fogel, Avi
- RE: Pros/Cons of WWW Server in LAN vs DMZ? Ng, Kenneth (US)
- RE: Pros/Cons of WWW Server in LAN vs DMZ? Paul McNabb
- RE: Pros/Cons of WWW Server in LAN vs DMZ? NBuckley
- Pros/Cons of WWW Server in LAN vs DMZ? Blair Seidler
