We wish to make our library Web OPAC available on the World Wide Web. We have been advised by our IT support and network contractors that we need to implement a DMZ to do this safely, (i.e. the server where the library system and OPAC software are installed needs to be isolated from the rest of the network.) What is the easiest/cheapest way of doing this? Someone at the library system vendor company suggested that a PC with two network cards might be sufficient. The organization is running a SonicWall firewall.
DMZ needs to be created to securely deploy the Web site and isolate the Internal Network from being accessed from the Internet.
The solution depends on the kind of Web site to be hosted. If security is not of a great concern, then a server with two NIC's is also an option. This will be cheap and easy as well. Just make sure that the Server is hardened before deployment. Install Packet filtering software so that you can restrict/filter the traffic.
For better security you can also take advantage of SonicWall Firewall already running on your network. The firewall provides multiple isolated security zones and this is done through its Stateful inspection feature.
Dig Deeper on Network Security Monitoring and Analysis
Related Q&A from Puneet Mehta
To view network security expert Puneet Mehta's latest advice, see his Public Profile on the IT Knowledge Exchange: https://... Continue Reading
Find out if there's a difference between a virtual private network (VPN) concentrator and a network access server (NAS) in this explanation from our ... Continue Reading
Our network security expert explains how to keep unauthorized users from accessing your router's IP address for Internet access in this advice ... Continue Reading