What is the easiest/cheapest way to implement a DMZ?

What is the easiest/cheapest way to implement a DMZ?

We wish to make our library Web OPAC available on the World Wide Web. We have been advised by our IT support and network contractors that we need to implement a DMZ to do this safely, (i.e. the server where the library system and OPAC software are installed needs to be isolated from the rest of the network.) What is the easiest/cheapest way of doing this? Someone at the library system vendor company suggested that a PC with two network cards might be sufficient. The organization is running a SonicWall firewall.

    Requires Free Membership to View

    Login

    By submitting your registration information to SearchNetworking.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchNetworking.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

DMZ needs to be created to securely deploy the Web site and isolate the Internal Network from being accessed from the Internet.

The solution depends on the kind of Web site to be hosted. If security is not of a great concern, then a server with two NIC's is also an option. This will be cheap and easy as well. Just make sure that the Server is hardened before deployment. Install Packet filtering software so that you can restrict/filter the traffic.

For better security you can also take advantage of SonicWall Firewall already running on your network. The firewall provides multiple isolated security zones and this is done through its Stateful inspection feature.

This was first published in December 2003

Back to top