I have 2 web servers which are currently behind my firewall (Watchguard XTM-505). All websites on these servers have SSL Certs and our users authenticate to applications with their domain credentials. All applications use a SQL database on a separate server. I have Port 443 forwarded to the web servers.
My boss wants me to put any public facing web servers into a DMZ. From what I understand, if I do so, I would then have to open some ports on the firewall for those users to authenticate to one of our DC's. Therefore, I believe, I have a less secure enviroment.
Any comments would be appreciated.
I just want to make sure I'm missing the boat.
Thanks,
Scott
My boss wants me to put any public facing web servers into a DMZ. From what I understand, if I do so, I would then have to open some ports on the firewall for those users to authenticate to one of our DC's. Therefore, I believe, I have a less secure enviroment.
Any comments would be appreciated.
I just want to make sure I'm missing the boat.
Thanks,
Scott