If anyone compromises your web server they will now have access to your
entire internal network. DMZ's are necessary to segment and control access.
If you place the server in the DMZ and it is compromised it only threatens
nodes inside the DMZ assuming your internal network doesn't trust DMZ nodes.
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Rob Serfozo
> Sent: Thursday, July 13, 2000 6:21 AM
> To: Firewalls LIST
> Subject: Firewall setup
>
>
> We have a pix 515 and one webserver that will be available to the public.
> We have tried the dmz route and seem to be having problems
> communicating to
> the inside server, so we are considering this.
>
> We want to put the webserver on our inside network and allow connections
> through a static and conduit statement. This will resolve our
> problems with
> communication to the inside non public server.
>
> What do you all think.
>
> Rob
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
