Re: Why should I use back-to-back DMZ?

• From: "Jim Harrison" <jim@xxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Wed, 6 Feb 2002 08:18:03 -0800

The biggest benefit to use B2B DMZ is that ISA can make use of server / web 
publishing to control access to the DMZ servers, whereas in a third-leg DMZ, 
the traffic is controlled only through packet filters.
PF have no knowledge of L4 and above, while the web proxy and firewall service 
have Extensions (web filters and application filters, respectively) that make 
them just a bit smarter than your average PF.

Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/authors/harrison/
Read the books!

  ----- Original Message ----- 
  From: Goktug Yildirim 
  To: [ISAserver.org Discussion List] 
  Sent: Thursday, January 31, 2002 03:38
  Subject: [isalist] Why should I use back-to-back DMZ?


  http://www.ISAserver.org


  What is the difference between the traditional DMZ and ISA back-to-back DMZ 
with private addresses?

  What are the benefits?

  Why translating the public to private (as in back-to-back DMZ with private 
addresses on DMZ) is more secure than filtering public addresses (as in 3 NICs 
DMZ)?

  Thanks,

   

   

  ------------------------------------------------------
  You are currently subscribed to this ISAserver.org Discussion List as: 
jim@xxxxxxxxxxxx
  To unsubscribe send a blank email to $subst('Email.Unsub') 

Other related posts:

• » Why should I use back-to-back DMZ?
• » Why should I use back-to-back DMZ?
• » Re: Why should I use back-to-back DMZ?

1. Home
2. isalist
3. Archive
4. 02-2002

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---