D-Link DFL-1600 User Manual page 148
Network security firewall
Hide thumbs
Also See for DFL-1600:
- Quick manual (22 pages) ,
- User manual (552 pages) ,
- Log reference manual (476 pages)
Table of Contents
Advertisement
128
Chapter 16. DMZ & Port Forwarding
Example:
A corporation's Web server
We take a look at a simple example, showing one utilization of DMZ with a
D-Link firewall.
The most common publicly available service that every corporation need to
have is Web browsing(HTTP). However, it is unsafe to place a Web server
inside the internal network together with other private computers, because
such server can easily be exploited in a harmful way by intruders. When
the server falls into the control of a wrong hand, other private computers
will be vulnerable to attacks. Therefore, such service should be located in a
separate network area – DMZ.
Figure 16.1: A Web Server in DMZ
In this example, we have a D-Link firewall connecting a private LAN, a
DMZ subnetwork, and the Internet, shown in Figure 16.1. The firewall
takes charge of a) all the connections from the Internet to the DMZ; b)
necessary connections from the DMZ to the private LAN. The Web sever is
placed in the DMZ. Requests to Web browsing service go through the
firewall, and are forwarded to the Web server.
We can define Rules that let the server in the DMZ accepts only certain
types of service requests, HTTP–based requests in this case, to protect the
D-Link Firewalls User's Guide
Advertisement
Table of Contents
