Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

DMZ and outerfirewall of a enterprise infrastructure

 
Isuru Samaraweera
Ranch Hand
Posts: 54
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi All,

I want to make sure that "DMZ" and outer boundary firewall concept do not help to prevent network based attacks.
Rather it prevents attacks from public.

Please provide your input on this matter.

Thanks,
ISuru

 
Ulf Dittmer
Rancher
Posts: 42969
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I assume that by "network based attacks" you mean attacks originating from inside of the firewall. A DMZ also helps against those if they are targeting the apps running in the DMZ. Of course, from inside the firewall more kinds of attacks are possible, and against a wider range of targets, so it's fair to say that a DMZ's primary purpose is indeed to guard against attacks from the outside.
 
Isuru Samaraweera
Ranch Hand
Posts: 54
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Ulf,
Thanks for the clarification.
Yes network based attacks means,attacks from inside.If attacked damage can be minimized through principles like least privilege and privileged access to all databases.

If you object please repond.

Regards,
Isuru
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic