Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

security issues

Hi:

i have a pix firewall, which is conneted to DMZ, outside and inside and i have also a web server which used as public service for the outside users (any client) my points if i put this server in the LAN instead of dmz by using static nat what security risk may i faces .

regards

1 REPLY
New Member

Re: security issues

Issue of a DMZ utility depends on your tolerence to the risk of any web-attack. If you put your web-server on your internal network, you may be facing the risk of an intrusion on this server. Then your internal network will be at risk. Right? Personally I'd put a web-server into a DMZ and would set the lesser ACL's as possible to minimize the risk.

eg access-list outside permit any web-server tcp 80

You may also want to add a few ports from the inside to the web-server for management purpose.

Hope it's clearer now,

Mike

87
Views
0
Helpful
1
Replies
CreatePlease to create content