Re: DNS Best Practices
From: Todd J Heron (todd_heron_no_spam_at_hotmail.com)
Date: 09/22/04
- Next message: Todd J Heron: "Re: Explorer.exe has generated errors and will be closed by windows"
- Previous message: Aaron: "Re: RAID 10, 01"
- In reply to: Shaun: "DNS Best Practices"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 22 Sep 2004 16:21:20 -0400
"Shaun" <Shaun@discussions.microsoft.com> wrote in message
news:8E5718B3-24D6-4F38-810D-7FE7D1AABC42@microsoft.com...
> Before we get started let me set the scene. My organization is currently
a
> Windows NT enviroment but will soon be embarking on Active Directory 2003.
> We currently have a DMZ via one-arm routing. We have three web servers in
> this DMZ and all are isolated from the internal network. Currently our
DNS
> is outsourced but we are looking to bring it in house do to some
reliability
> issues we have been having with our vendor. I am thinking that it would
be
> best to create a Windows 2003 DNS server in our DMZ for the web servers.
On
> the internal network install DNS integrated with AD and have the internal
> DNS/AD servers foward request for addresses outside of the internal
network
> to the DNS servers in the DMZ. We are looking at security and preventing
> things such as footprinting. I am on the right track here, or is my
maddness
> flawed? Please advise
Your plan looks good to me. Forward from your internal AD DNS servers to
the DMZ DNS servers and then forward from your DMZ DNS servers to your ISP
(or straight to the Internet Root servers).
-- Todd J Heron, MCSE Windows 2003/2000/NT
- Next message: Todd J Heron: "Re: Explorer.exe has generated errors and will be closed by windows"
- Previous message: Aaron: "Re: RAID 10, 01"
- In reply to: Shaun: "DNS Best Practices"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
