Scribd
Upload
84 views3 pages

Securing Web Access Using DMZ

To secure a network and web access, a DMZ (demilitarized zone) can be used. A DMZ is a physical or logical sub-network that contains and exposes an organization's external-facing services to the larger, untrusted network (usually the Internet). This provides an extra layer of security by only allowing outside attackers direct access to devices in the DMZ, not elsewhere on the network. The Cisco ASA 5505 firewall implemented in Cisco Packet Tracer can be used to create inside, outside, and DMZ zones to place publicly accessible servers like a web or mail server in the DMZ. However, the default license in Packet Tracer only allows two security zones, so upgrading to the "

Uploaded by

Shamshad Khan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
84 views3 pages

Securing Web Access Using DMZ

To secure a network and web access, a DMZ (demilitarized zone) can be used. A DMZ is a physical or logical sub-network that contains and exposes an organization's external-facing services to the larger, untrusted network (usually the Internet). This provides an extra layer of security by only allowing outside attackers direct access to devices in the DMZ, not elsewhere on the network. The Cisco ASA 5505 firewall implemented in Cisco Packet Tracer can be used to create inside, outside, and DMZ zones to place publicly accessible servers like a web or mail server in the DMZ. However, the default license in Packet Tracer only allows two security zones, so upgrading to the "

Uploaded by

Shamshad Khan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

SECURING WEB ACCESS USING DMZ

To secure a Network or a web access it is necessary to ensure that our devices are secure from all

kinds of attacks. One popular method for securing network and web access is by making use of

firewalls.

In PC security, a DMZ or neutral ground (some of the time alluded to as an edge system) is a

physical or consistent sub arrange that contains and uncovered an association's outer confronting

administrations to a bigger and untrusted system, typically the Internet. The reason for a DMZ is

to add an extra layer of security to an association's neighborhood (LAN); an outer assailant just

has direct access to gear in the DMZ, instead of whatever other piece of the system.

1
The ASA 5505 actualized in Cisco's Packet Tracer is the littlest model in the most up to date

5500 arrangement of Cisco firewalls. It is an awesome item for little organizations (5-10

workers) or notwithstanding for home system use. Nonetheless, in the event that you have to

make a DMZ zone (notwithstanding your Inside and Outside zones) so as to introduce an openly

available server (e.g. WEB server, MAIL server and so on.), then the default fundamental permit

gave by Packet Tracer 6.1 won't work for you. The fundamental permit does not permit more

than 2 security zones. You should move up to "Security Plus" permit which likewise upgrades

some other firewall parameters (more firewall associations, more remote access VPN sessions,

and trunking with 20 VLANs).

Because of the above restrictions in our lab we will utilize Packet Tracer to design a little

security system with the accompanying prerequisites:

• Computers within interface will be permitted to get to the web server mysite.com in the

web.

• Computers within will likewise have entry to the SharePoint server in the DMZ

• Remote PCs will likewise be permitted to get to the web yet won't be permitted to get to

PCs within or the SharePoint server on the DMZ interface.

• The DMZ will likewise go about as a visitor hotspot permitting visitor PCs to unite with

the web and the SharePoint server by means of a remote interface.

2
• Guest PCs won't have admittance to PCs or servers on inside interface.

You might also like