IT Employment

General discussion


DMZs & Windows Domain Questions

By mandms7 ·
We are going to be implementing a new in-house online banking platform. It will incorporate several different servers (webserver, database server, middleware server). I need to determine a secure method for incorporating this into our network, and I have some questions:

1) How many DMZs do you think I should have. The webserver will go into one, but should the database servers and middleware servers go into the same DMZ or go into their own DMZs? Or do I just put the database and middleware servers into our internal LAN?

2) The webserver will need to communicate with a core processing server that resides on our internal LAN. Is there any miracle solution to allow this communcation to occur other than opening ports on the firewall?

3) How do you normally handle Windows domain membership for servers that are in a DMZ. Do you make them part of your internal network's domain, have them be in their own domain, or leave all of them in a workgroup?

4) Not necessarily related to the above questions, but how do you generally determine how many DMZs to have on your network? Any particular reason you wouldn't want to put a number of unrelated servers in a DMZ to minimize the number of DMZs you need?

Thanks for your assistance!

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Related Discussions

Related Forums