Designing and Building Enterprise DMZs


  • Hal Flynn, Vulnerability Analyst for Symantec Corporation

This is the only book available on building network DMZs, which are the cornerstone of any good enterprise security configuration. It covers market-leading products from Microsoft, Cisco, and Check Point.One of the most complicated areas of network technology is designing, planning, implementing, and constantly maintaining a demilitarized zone (DMZ) segment. This book is divided into four logical parts. First the reader will learn the concepts and major design principles of all DMZs. Next the reader will learn how to configure the actual hardware that makes up DMZs for both newly constructed and existing networks. Next, the reader will learn how to securely populate the DMZs with systems and services. The last part of the book deals with troubleshooting, maintaining, testing, and implementing security on the DMZ.
View full description


Designing and Building Enterprise DMZs: This audience is comprised of engineers and administrators, who: 1. Protect their network and storage data from theft and/or corruption. 2. Ensure both Web-based and internal application and data availability to customers, business partners, and employees. 3. Optimize network hardware, software, storage, and bandwidth resources. They accomplish these tasks by installing, configuring, troubleshooting, and maintaining a combination of commercial and open source firewalls/VPNs, security appliances, Intrusion Detection Systems (IDSs), packet analyzers (Sniffers), and AntiVirus applications. This audience is task oriented and focused on executing IT objectives mandated by their ever-changing business needs.


Book information

  • Published: November 2006
  • Imprint: SYNGRESS
  • ISBN: 978-1-59749-100-6

Table of Contents

1: DMZ Concepts, Layout and Conceptual Design2: Windows 2000 DMZ Design3: Solaris DMZ Design4: Wireless DMZ’s (WDMZs)5: Firewall Design: Cisco PIX6: Firewall and DMZ Design: Checkpoint NG7: Firewall and DMZ Design: Nokia Firewall 8: Firewall and DMZ Design: ISA Server 2000 9: DMZ Router and Switch Security 10: DMZ Based VPN Services 11: Wireless DMZ Implementation 12: Sun Solaris Bastion Hosts13: Windows 2000 Bastion Hosts14: Hacking the DMZ15: Intrusion Detection in the DMZ