And no longer have a DMZ by my definition. You just have another subnet for your domain.
-----Original Message----- From: Webster [mailto:webs...@carlwebster.com] Sent: Thursday, March 14, 2013 2:45 PM To: NT System Admin Issues Subject: RE: Difference between port forwarding and DMZ And you make swiss cheese of your firewall. Thanks Webster > -----Original Message----- > From: David Lum [mailto:david....@nwea.org] > Sent: Thursday, March 14, 2013 1:35 PM > To: NT System Admin Issues > Subject: RE: Difference between port forwarding and DMZ > > " I'll make another sweeping statement here: Don't put any machine in > the DMZ that requires membership in your production domain. At that > point you don't have a DMZ, you merely have another subnet of your > production network, and basically no protection." > > How does this work, then? RDS Gateway servers need to be domain-joined > http://blogs.msdn.com/b/rds/archive/2009/07/31/rd-gateway-deployment- > in-a-perimeter-network-firewall-rules.aspx > > Dave ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin