Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Static Nat vs DMZ

Does anyone know of any security risks of opening port 80 to a host on our local network using static nat vs putting it into the dmz?

Thanks,

Bob

3 REPLIES
New Member

Re: Static Nat vs DMZ

By placing the http server in you internal network you become extremely vulnerable in case your http server becomes compromised (which is not so unlikely as might seem). By placing it on a dedicated DMZ network, you will be able to prevent other systems being attacked.

New Member

Re: Static Nat vs DMZ

Don't use the static command from user in your inside network. if you have to open port 80 put it in the DMZ.

Hope it help

Re: Static Nat vs DMZ

ditto ditto ditto...if you open port 80 on your internal LAN script-kiddies and any 2 bit hacker can walk right in w/o much effort

954
Views
0
Helpful
3
Replies
CreatePlease to create content