I would like to know if it's a good idea to put an NT server (primary domain controller) as an Internet gateway...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
(with a proxy like Wingate)? Or is it more prudent to use a workstation on the LAN for this job?
I would definately avoid using my PDC as an Internet gateway. There is a great deal of danger in doing so! There is a huge amount of functionality on the box for an attacker to compromise. If they do take over the machine, you lose in all sorts of ways -- the attacker has complete access to your systems from the Internet and can pose as any user! Yikes!
I would use a minimal install of Windows workstation as my Internet gateway. Don't just use one on the LAN; use it as a true dual-homed gateway separating your LAN from the Internet. Wingate is a fine tool to use for filtering on such a machine in a small environment (5 to 25 machines); I've used it in many small networks.
For more information on this topic, visit these other SearchSecurity.com resources:
Best Web Links: Infrastructure & Network Security
WhatIs.com Definition: Wingate
Dig Deeper on Web application and API security best practices
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.