Security

last person joined: 6 days ago 

Ask questions and share experiences with Juniper Connected Security. Discuss Advanced Threat Protection, SecIntel, Secure Analytics, Secure Connect, Security Director, and all things related to Juniper security technologies.

  • 1.  Isolating a server behind firewall?

    Posted 06-09-2011 09:02

    We have the following zones:

     

    eth0 - Trust

    eth1 - DMZ (not currently used)

    eth 2 - UnTrust

    eth3 - HA

     

    We are planning a dial-up IPsec vpn from UnTrust -> 'server behind firewall' ...... but, we want to isolate the server from the other servers that are also behind the firewall.... what is the best way to do this? ..... should I connect the server to eth1 or eth3? or is there a better way?

     

    thanks.



  • 2.  RE: Isolating a server behind firewall?
    Best Answer

    Posted 06-10-2011 05:54

    Sounds like perfect candidate for the DMZ.  You would create Dial-up VPN policies from Untrust to DMZ.  You can control all other traffic to/from that server with additional security policies.