×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Expressway-E VMWARE dual interface

Unanswered Question
Oct 29th, 2014
User Badges:

Hi All

There is a firewall between DMZ and Internal network. We have used expressway E as dual interfaces one is in the DMZ and other is in the internal network.

Clint is insisting that there is security risk deploying expressway in this way? Please advice

 

Thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
bernhardczapp Thu, 10/30/2014 - 01:45
User Badges:
  • Bronze, 100 points or more

Your Client is right!

Expressway E is supposed to be connected to the DMZ network.

If you can use an offical ip without nat address you only need 1 interface.

If you have to use nat then you will need two dmz networks.

 

You can find information within the Configuration Guides:

http://www.cisco.com/c/en/us/support/unified-communications/expressway-s...

waqas sardar Fri, 10/31/2014 - 05:51
User Badges:

If that host gets compromised then the attacker will be able to innitiate traffics to both interfaces without going across the firewall.

My Question is there any security risk deploying expressway in this way one interface is in DMZ and other is in internal?

 

 

Actions

This Discussion