Web servers and firewall zones

Web Servers and Firewall Zones

If you have, or are planning to have web servers connected to your network, you will need to consider the security implications

Firewall, internet, web server, ftp server, security, dmz, lan, IIS, SQL, hacker, hacking

Web and FTP Servers

Every network that has an internet connection is at risk of being compromised. Whilst there are several steps that you can take to secure your LAN, the only real solution is to close your LAN to incoming traffic, and restrict outgoing traffic.

However some services such as web or FTP servers require incoming connections. If you require these services you will need to consider whether it is essential that these servers are part of the LAN, or whether they can be placed in a physically separate network known as a DMZ (or demilitarised zone if you prefer its proper name). Ideally all servers in the DMZ will be stand alone servers, with unique logons and passwords for each server. If you require a backup server for machines within the DMZ then you should acquire a dedicated machine and keep the backup solution separate from the LAN backup solution.

The DMZ will come directly off the firewall, which means that there are two routes in and out of the DMZ, traffic to and from the internet, a

 

Recommended For You