Title: SecuRemote login to a DMZ zone with a one-way trust established.

Here is the setup.

I have a FW with multiple interfaces.
One interface, I have our NT network with a couple of mission servers on this network.
Second interface, I have a DMZ zone with a couple of Remote Mission servers.
Third interface, I have my external network to the world.

OK.  On our internal NT network we have these mission servers that remote Payload Developers need to access to view procedures or data on.

Instead of giving them SecuRemote access to our internal NT network, we put additional mission servers for them on a DMZ zone and use Octopus to do Data Replication between the Internal Mission Servers and the Servers located on the DMZ zone. We set up a one-way trust to do this but it seems there may even be security concerns doing this. Has anyone done anything similar to this and does anyone have a pretty good bit of knowledge in Legato's Octopus software to know how to set this up without setting up a trust? Or just tell me "can it be done"? It seems that I can build the rules in the firewall to disallow any traffic to my internal mission network but as long as that trust is needed for Octopus replication, I have to allow certain ports open to my internal net.

Anyone got a good security recommendation for this one????  These are approved SecuRemote users but if they access my server in the DMZ, how easy is it for them to access a resource on my internal network?

Thanks in advance!


Holly Wales
Lockheed Martin
[EMAIL PROTECTED]
phone: 256-544-4179
fax: 256-544-2401
