Re: examples of DMZ infrastructure ?

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

---

• From: Pascal <pascal_t@xxxxxxxxxxxxxxxxxx>
• Date: Sun, 03 Jun 2007 00:32:04 +0200

---

Hi Paul,

thank you for your advices.

I will really appreciate if you could advice me some nice websites etc... about those king of implementation.

I really want to learn more about designing a secure infrastructure based on a DMZ.

If you or others know good websites, white papers etc... about that, please let me know.

Have a nice day

There's no easy answer here. Implementing such a solution requires careful thought and planning, primarily focusing on the business requirements but also considering the existing infrastructure and the cost of implementing the different type of domains.

In the past, I've been involved in similar implementations where we've used multiple firewalls and reverse proxy. Whether or not you need to use ADAM is dependant on your application. As an example, one way of implementing the traditional two-tier web application with integrated authentication, could be to do the following:

A "DMZ" situated in between the external facing firewall and the internal facing firewall.
Your web servers and SQL servers sit in this zone, as part of a DMZ-only AD domain, which has a one-way outgoing trust to your internal domain (configured with selective authentication).
The internal firewall has rules that allow AD traffic to pass between the the DCs and SQL boxes in the "DMZ" to the internal AD DCs that you configure selctive auth with (and vice versa).

You need to do a lot of reading and design work on this, before you start out. You might want to consider getting the help of an experienced consultant to aid in your design.

--
Pascal


.

---

• References:
  • examples of DMZ infrastructure ?
    • From: Pascal
  • Re: examples of DMZ infrastructure ?
    • From: Paul Williams [MVP]

• Prev by Date: Re: 2003 AD R2 schema upgrade from Win 2000 Server?
• Next by Date: Re: Limit to number of user accounts per DC or GC?
• Previous by thread: Re: examples of DMZ infrastructure ?
• Next by thread: Re: Event 4321 Source NetBT
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: is there a rule ... ... all just absolute nightmare websites, ... some hacks to design a website that EVERYONE hates. ... had listened to the comments of their readers, ... straightforward navigation is key. ... (rec.bicycles.racing) Re: Website for Comments and or Suggestions ... How many of your competitor's websites have background music? ... I would again encourage you to spend some time reading and studying some of the material at the links I gave you about web design. ... |> | website and ask for feedback, and I admire and respect that. ... |> | Look, I am not an expert web designer, and my opinions are just that. ... (microsoft.public.publisher.webdesign) Philosophy of website design ... / or fonts better. ... Checking out some of the websites listed in the sigs of the regulars I see ... the hands of the end-user and compromises accessibility. ... creativity and design using all these techniques and more -- I return to ... (alt.html) Websites for $199/mo...request an online demo today ... AutoRevo: Optimized Flash Websites ... Get Your Professionally Designed, Flash-Accented Website ONLINE ... Search Engine Optimized Design ... This message was sent by AutoRevo using VerticalResponse ... (freebsd-questions) RE: Not using system settings/prefs... ... concern here is some applications do not use our system setting color ... the behavior we are discussing is as per design. ... the websites theme is absolutely another topic. ... (microsoft.public.dotnet.general)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Windows  > microsoft.public.windows.server.active_directory  > 2007-06