That depends on just how remote the DMZ is from where you want to administer it, and whether you want/need to administer it from work or home or the road, or ......
However, some combination of good software, good tunneling, good hardware, good security measures and private links are probably just what the doctor would order. Good Software: What you listed, or I've had good luck with NetMeeting Remote Desktop Sharing, and it's more secure and *much* faster than VNC and free, as long as you have a reasonably new version of IE (say 5.0 SP2 or better - prior to that I don't have experience with it.) Good Tunneling: PPTP works OK, but has some weaknesses, but if you already have some sort of VPN hardware on the router or firewall that you trust, you're mostly there. Private Links: Dedicated link like a frac-T1 or 56k/64k frame if you have a free interface on your router, or a modem that you can do dial-back with. Good Security: Opening only the ports necessary, and only for the IP addresses necessary, on the firewall for inbound and outbound traffic, if you're opening a remote desktop session of some sort. Good Hardware: I believe that Compaq and Dell (and probably others) have add-in boards that would allow a remote desktop to be opened, and they do lots of other stuff done as well. I'm sure I've left out lots of other alternatives, but these pop right to mind. Kurt | -----Original Message----- | From: Matt LYNCH [mailto:[EMAIL PROTECTED]] | Sent: Monday, November 19, 2001 14:17 | To: [EMAIL PROTECTED]; [EMAIL PROTECTED] | Subject: Remote Admin of DMZ | | | I have been given the task of administering a web server | contained within a | DMZ. I am OK with the admin side of things but would prefer | for time reasons | to be able to remotely administer this machine. I have always used | PCAnywhere, VNC and the MMC. But I now cannot use these due | to the security | risk. Does anyone else remote admin inside a DMZ and if so how?? | | All machine are NT 4.0, I use a W2K desktop. (Free would be | nice, but I am | also interested if there are commercial solutions available). | | Thanks in advance | | Matt |
