Should I use a Front -End server

I am having a debate with a consultant who wants to put a front end server
out on our DMZ to segregate any contact the outside world has with our
network. He says that putting it and have the back-end go and retreive would
provide the best security. We will have SMTP, POP, and OWA enabled. Now
while I know and ISA for this would be MS choice and possibly the best,
financially we cannot do that. My question is how much more vulnarable would
we be just to put that all on the back-end in our network, of course using
SSL.

Thanks for your time
.

Relevant Pages

  • Re: [fw-wiz] Rationale of the great DMZ
    ... >DMZ and its implied security has changed. ... Network activity wouldn't ... >necessarily begin from the DMZ and be tunneled in to the internal network. ... >Commonly SSL accelerators terminate the SSL end point prior to the ...
    (Firewall-Wizards)
  • Re: Firewall and DMZ topology
    ... attacker cannot spread his influence across the network. ... If the DMZ resides between the public Internet and the ... Should the DMZ be behind the LAN and not split off at the firewall, ... > The Gartner Group just put Neoteris in the top of its Magic Quadrant, ...
    (Security-Basics)
  • RE: SUS server
    ... Where in my network should I place the SUS server? ... Everything inside my network can talk to the DMZ, ... SurfControl E-mail Filter for SMTP & Exchange leverages multiple layers of ...
    (Focus-Microsoft)
  • RE: 504 Proxy timeout only with SSL traffic
    ... the DMZ network is considered External to the ... this may have an effect when you access the DMZ. ... And can access all other HTTPS sites on the internet? ... that there may be something wrong with the proxy engine on the ISA, ...
    (microsoft.public.isa)
  • Ang: RE: Firewall and DMZ topology
    ... Network Engineer ... Subject: Firewall and DMZ topology ... > The Gartner Group just put Neoteris in the top of its Magic Quadrant, ...
    (Security-Basics)
Loading