My general rule is to put anything that the outside world accesses in my
DMZ. In my network this means a separate network connected to a different
interface of the firewall. That is not always possible but as a general
rule, you want to keep the outside world out of your internal network.
You also only want to put those machines in your external DNS that the
public needs access to and keep your internal machines in a separate one.
On NT, setting this up is relatively simple.
Jim Edwards
-----Original Message-----
From: Chinnery Paul [mailto:[EMAIL PROTECTED]]
Sent: Thursday, October 12, 2000 2:22 PM
To: [EMAIL PROTECTED]
Subject: [FW1] Best practice: DNS location
Currently using FW 4.0 on an NT 4.0 network.
Our ISP wants us to install our own DNS and use them as secondary.
My question is where the DNS should be: should it be on our firewall server
or on our internal network. We are using NAT.
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
