Q

Whether to put Exchange server in DMZ or internal network

We use an SMTP relay that sits in front of our Exchange 5.5 server. This product does some filtering, blocking and archiving for regulatory compliance. Right now it is inside the firewall, but we recongnize the need to put this machine in a DMZ area.

The internal debate is whether or not the Exchange server itself should go in the DMZ or stay in the internal network. One side says put Exchange (5.5, but moving to 2K) in the DMZ to eliminate traffic from the outside to the inside. The other side of the debate feels that puts sensitive information closer to the edge of the network and that the data is safer on the inside.

Can you offer any suggestions to help us break the deadlock?


Deadlock broken: Put the relay in the DMZ and leave the Exchange server in protected space.


For more information on this topic, visit these other SearchSecurity.com resources:
Best Web Links: Infrastructure and network security
Ask the Expert: Guidelines for designing a DMZ with defined levels of access
Ask the Expert: Placement of security solutions on a network


This was first published in January 2003

Dig deeper on DMZ Setup and Configuration

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close