General discussion

Locked

DMZ & public IP

By rajivnarayanan@hotmail ·
I have situated the corporate domino on a DMZ. Side by side there is also a webmail with an public IP in the same server room.Domino clients wil mail to the mail boxes residing in the webmail server and vice versa.The webmail is accessd by remote users via net. How can I ensure security in such a situation.

This conversation is currently closed to new comments.

2 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by BFilmFan In reply to DMZ & public IP

How to setup a Dmonino server in a DMZ:
http://www-106.ibm.com/developerworks/lotus/library/smtp-dmz2/

Collapse -

by walesman In reply to DMZ & public IP

Hi

It all depends on the type of firewall you are using. Public ip's should be on the outside interface and then the DMZ should be on a private range ie 192.168.1.0. Then setup a NAT pool to allow access from the internet to the DMZ. This will give beter protection for your servers, plus if you use something like a Cisco PIX it has fixup support to stop illegal commands being sent to the web and mail servers stopping some of the more common attacks.

You can also install something like the Cisco CSA agent or ISS agents on your servers which provide realtime protection from Viruses and hack attempts.

Or a good IDS/IPS unit would give a good protection. Something like a ISS proventia or Cisco IDS unit.


Hoep this may of given you some areas to think about.

Back to Security Forum
2 total posts (Page 1 of 1)  

Related Discussions

Related Forums