Hi group! My company IT network architecture actually is based on separation between DMZ zone (Mail, Web and DNS servers) and intranet zone (Windows 2000 AD, Exchange and internals aplication servers) managed by IPCOP Box (orange and green zone). IPCop is also used as external firewall/NAT/Proxy. We have a security audition by an external company and they recommend to eliminate DMZ zone and integrate all servers into an high disponibility linux cluster. I think that this is not a really good idea and there's not justification to eliminate DMZ zone, perhaps it would be more secure to have 2 clusters, one in DMZ and the other one in green zone. Am I thinking OK? Any sugestion? Thanks in advance
- posted
16 years ago