Re: AD in DMZ

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Thu, 10 Jul 2003 20:32:50 -0500

:-)

Thomas W Shinder 
www.isaserver.org/shinder 
ISA Server and Beyond: http://tinyurl.com/1jq1 
Configuring ISA Server: http://tinyurl.com/1llp 



-----Original Message-----
From: Deus, Attonbitus [mailto:Thor@xxxxxxxxxxxxxxx] 
Sent: Thursday, July 10, 2003 4:05 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: AD in DMZ


http://www.ISAserver.org


At 01:46 PM 7/10/2003, you wrote:
>http://www.ISAserver.org
>
>Hi Brian,
>
>You use RRAS packet filters and IPSec Policies to create a LAT-based
DMZ. 
>But remember, its NOT a real DMZ if you put private assets into it. Its

>like me putting my ex-mother in law in the Korean DMZ. Hmmm. well,
that's 
>not the best analogy, but you know what I mean. A DMZ is design as an 
>entirely separate and distinct security zone that if compromise has no 
>effect on your protected assets. Extending the private network's
security 
>zone into the DMZ entirely breaks the underpinnings of the DMZ concept.
At 
>that point all you have is a "screened subnet", not a DMZ.
>


Don't you WANT to put your ex-mother-in-law in the Korean DMZ? :-p

t


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » AD in DMZ
• » Re: AD in DMZ
• » Re: AD in DMZ
• » Re: AD in DMZ
• » Re: AD in DMZ
• » Re: AD in DMZ
• » Re: AD in DMZ
• » Re: AD in DMZ
• » Re: AD in DMZ
• » Re: AD in DMZ
• » Re: AD in DMZ
• » Re: AD in DMZ
• » Re: AD in DMZ
• » Re: AD in DMZ
• » Re: AD in DMZ
• » Re: AD in DMZ
• » Re: AD in DMZ
• » Re: AD in DMZ
• » Re: AD in DMZ
• » Re: AD in DMZ
• » Re: AD in DMZ
• » Re: AD in DMZ
• » Re: AD in DMZ
• » Re: AD in DMZ
• » Re: AD in DMZ

1. Home
2. isalist
3. Archive
4. 07-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---