Mikael, Thanks for the great response, it was extremely helpful and I appreciate your taking the time to post it. To answer your question first, I have been doing some research into DCOM (on Microsoft's site) but it really hasn't clicked in my head yet. I will probably post something to explain it in more depth once I can figure it out well enough to explain it. However, I do not think it will even be a problem if the SQL server is in the same DMZ as the webserver. My concern was based on a programmer telling me that DCOM (Distributed Component Object Model) uses dynamic port allocation to communicate between machines. Since I was thinking that it would have to go through the firewall, rather than just work within the DMZ, I thought it would be an issue. <snip> I'd recommend placing a mail forwarder with content screening capabilities in a SEPARATE DMZ, and the Exchange server on the internal network. </snip> I have to ask a stupid question of you though (I just can't help it... its part of my nature), why do you recommend a seperate DMZ just for mail forwarding? Is it just an extra added layer of protection so that you can packet filter specifically for SMTP and HTTP on each DMZ or is there some more critical reason that I don't realize? Thanks again, Mike
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:02:12 PDT