Welcome to ISAserver.org

DMZ Best Practice?

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA Server 2004 Firewall] >> DMZ >> DMZ Best Practice?

Page: [1]

Message

<< Older Topic Newer Topic >>

DMZ Best Practice? - 21.Sep.2006 4:59:39 AM

charlieit

Posts: 83
Joined: 19.Aug.2004
From: US
Status: offline

The whole idea of a DMZ (or screened subnet) is that it is completely isolated from the LAN. But today's public app servers need to talk to e-mail servers, SQL servers, etc. that run on the LAN.

I have setup ISA Server 2004 for a number of clients and I have always been able to figure out some kind of workaround to keep the two subnets isolated. However, I have an implementation coming up where any workaround is completely out of the question. I need to configure a couple of public app servers on a screened subnet that will communicate with the LAN. In addition to this, the client wants me to implement a new Exchange server with OWA.

I'm looking for the best (most secure) ways (topology) to setup communications between public app servers and the LAN. Is this covered extensively in Shinder's books? If so, which ones? Are there any articles online or any other reference books anyone would recommend?

Thanks for the help.

--Charlie