Seeking advice - Securing Server Traffic tio The Internet

Seeking advice - Securing Server Traffic tio The Internet
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Microsoft Applications Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Seeking advice - Securing Server Traffic tio The Internet hedon 01-06-2007
Posted by =?Utf-8?B?aGVkb24=?= on January 6, 2007, 7:28 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
We have a member Server. W2K3, with dual NICs that responds to domain
traffic Vlan, 192.160.1.0/27 and Internet Vlan, 192.168.1.32/27. The server
needs to access the net for purposes of updating WSUS, AV pattern updates.
The server is protected by Cisco CBAC Firewall.

How can I force all update traffic (http) to use the 192.168.1.32 vlan? Is
their a better way I can design network flow, with the priority on server
protection.

Thanks in advance for help


Posted by =?Utf-8?B?SmVzcGVy?= on January 7, 2007, 1:10 am
If you were  Registered and logged in, you could reply and use other advanced thread options
You could just modify the router tables so there is no default route on the
domain traffic vlna, but I'm a bit confused as to what risk you are trying to
mitigate.

"hedon" wrote:

> We have a member Server. W2K3, with dual NICs that responds to domain
> traffic Vlan, 192.160.1.0/27 and Internet Vlan, 192.168.1.32/27. The server
> needs to access the net for purposes of updating WSUS, AV pattern updates.
> The server is protected by Cisco CBAC Firewall.
>
> How can I force all update traffic (http) to use the 192.168.1.32 vlan? Is
> their a better way I can design network flow, with the priority on server
> protection.
>
> Thanks in advance for help
>

Posted by =?Utf-8?B?aGVkb24=?= on January 7, 2007, 7:48 am
If you were  Registered and logged in, you could reply and use other advanced thread options
I would like to allow to member server to the Internet Vlan (192.168.1.32)
for port 80 traffic only. When server starts updates it does not no which NIC
to send out http traffic. How can I solve this issue?

"Jesper" wrote:

> You could just modify the router tables so there is no default route on the
> domain traffic vlna, but I'm a bit confused as to what risk you are trying to
> mitigate.
>
> "hedon" wrote:
>
> > We have a member Server. W2K3, with dual NICs that responds to domain
> > traffic Vlan, 192.160.1.0/27 and Internet Vlan, 192.168.1.32/27. The server
> > needs to access the net for purposes of updating WSUS, AV pattern updates.
> > The server is protected by Cisco CBAC Firewall.
> >
> > How can I force all update traffic (http) to use the 192.168.1.32 vlan? Is
> > their a better way I can design network flow, with the priority on server
> > protection.
> >
> > Thanks in advance for help
> >

Posted by Roger Abell [MVP] on January 7, 2007, 12:51 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

>I would like to allow to member server to the Internet Vlan (192.168.1.32)
> for port 80 traffic only. When server starts updates it does not no which
> NIC
> to send out http traffic. How can I solve this issue?
>

That was answered last night to your identical post in other thread.

In the future please consider cross-posting when it is appropriate
to send one post to multiple newsgroups, rather than multi-posting
(sending the same, one at a time, to the newsgroups).

Roger

> "Jesper" wrote:
>
>> You could just modify the router tables so there is no default route on
>> the
>> domain traffic vlna, but I'm a bit confused as to what risk you are
>> trying to
>> mitigate.
>>
>> "hedon" wrote:
>>
>> > We have a member Server. W2K3, with dual NICs that responds to domain
>> > traffic Vlan, 192.160.1.0/27 and Internet Vlan, 192.168.1.32/27. The
>> > server
>> > needs to access the net for purposes of updating WSUS, AV pattern
>> > updates.
>> > The server is protected by Cisco CBAC Firewall.
>> >
>> > How can I force all update traffic (http) to use the 192.168.1.32 vlan?
>> > Is
>> > their a better way I can design network flow, with the priority on
>> > server
>> > protection.
>> >
>> > Thanks in advance for help
>> >



Similar ThreadsPosted
Re: Advice - solution for a company server September 26, 2005, 10:45 am
Advice - solution for a company server September 26, 2005, 9:50 am
Gurus: server on perimeter vs. corporate advice August 15, 2005, 11:36 pm
Seeking an explanation - can you help? November 16, 2008, 5:30 am
Seeking firewall rules for Diskeeper 2008 Home edition April 19, 2008, 8:39 pm
How is dangerous connect to server over internet with remote deskt July 21, 2006, 8:05 am
Re: Microsoft Internet Information Server 5.1 DLL Request Denial of Service Vulnerability December 21, 2005, 2:11 am
Curious DNS traffic October 17, 2007, 3:18 pm
Help! Securing a file February 12, 2006, 12:57 pm
Re: About malicious traffic and how to identify it... February 15, 2006, 5:20 pm

The site map in XML format XML site map

Contact Us | Privacy Policy