| Designed for engineers and administrators, this book covers everything needed to plan out and integrate a DMZ into a network for small, medium and Enterprise networks. In most enterprises the perception is that a firewall provides a hardened perimeter, but the security of internal networks and hosts is usually very soft. In such an environment, a non-DMZ system that is offering services to the Internet vreates the opportunity to leapfrog to other hosts in the soft interior of your network. In this scenario your internal network is fair game for any attacker who manages to penetrate your so-called hard perimeter. The primary role of a DMZ is to mitigate risks associated with offering services to untrusted clients. It accomplishes this by providing network-level protection for a hosting environment, as well as segregating public hosting facilities from the private network infrastructure. This small but crucial segment of the network i the section exposed to the public Internet and is the section exposed to the public Internet and is the msot difficult area on the network to create and maintain both from an engineering standpoint and a security standpoint. In this book, readers can learn how to make DMZs utilizing the IT world's best of breed software and hardware products. |
