GFI EventsManager within a Demilitarized Zone (DMZ)

GFI EventsManager can monitor events generated by machines in a DMZ, whether it is installed within the LAN or directly in the DMZ. Since a firewall or router with network traffic filtering capabilities usually protects this zone, you must make sure that:

  • The communication ports used by GFI EventsManager are not blocked by the firewall. For more information on the communication ports used by GFI EventsManager refer to: http://go.gfi.com/?pageid=esm_ports.
  • GFI EventsManager has administrative privileges over the computers that are running on the DMZ.

Important

GFI recommends installing GFI EventsManager directly in the DMZ, as opposed to enabling firewall ports and permissions to allow communication between LAN and DMZ computers, servers and network devices.

The DMZ sits between the internal LAN and the Internet

A DMZ is the neutral network which sits between the “internal” corporate network and the “outside world” (Internet). Deploying GFI EventsManager in a DMZ helps you automate the management of events generated by DMZ hardware and software systems, such as:

DMZ Automation Description

Automate management of Web and Mail server events

DMZ networks are normally used for the running of hardware and software systems that have Internet specific roles such as HTTP servers, FTP servers, and Mail servers.

Hence, you can deploy GFI EventsManager to automatically manage the events generated by:

  • Web-servers including the W3C web-logs generated by Apache web-servers on LAMP web platforms
  • Windows® based web-servers including the W3C web-logs generated by Microsoft® Internet Information Servers (IIS)
  • Linux/Unix and Windows® based mail-servers including the Syslog auditing services messages generated by Sun Solaris v. 9 or later

Automate management of DNS server events

If you have a public DNS server, there’s a good chance that you are running a DNS server on the DMZ. Hence you can use GFI EventsManager to automatically collect and process DNS server events including those stored in your Windows® DNS Server logs.

Automate management of network appliance events

Routers and firewalls are two network appliances commonly found in a DMZ. Specialized routers and firewalls (for example, Cisco IOS series routers) not only help protect your internal network, but also provide specialized features such as Port Address Translation (PAT) that can augment the operational performance of your systems.

By deploying GFI EventsManager on your DMZ, you can collect the events generated by such network appliances. For example, you can configure GFI EventsManager to act as a Syslog Server and collect in real-time the Syslog messages generated by Cisco IOS routers.

Syslog messages: Notifications/alerts most commonly generated and transmitted to a Syslog server by UNIX and Linux-based systems whenever important events occur. Syslog messages can be generated by workstations, servers as well as active network devices and appliances such as Cisco routers and Cisco PIX firewalls to record failures and security violations amongst other activities.
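To show what a collector has to work with when it receives Syslog messages from Cisco IOS routers, the following added example (not part of GFI's documentation and not how GFI EventsManager itself processes events) parses the `<PRI>` header and the IOS `%FACILITY-SEVERITY-MNEMONIC` tag and flags failures and security-related messages. The sample messages are constructed, and the severity threshold and the watched facilities are assumptions chosen for illustration.

```python
import re

# Standard syslog severity names, indexed by level (0 = most severe).
SEVERITIES = ["emergency", "alert", "critical", "error",
              "warning", "notice", "informational", "debug"]

# <PRI>, optional sequence number/timestamp, then %FACILITY-SEVERITY-MNEMONIC: text
IOS_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>.*?"
    r"%(?P<facility>[A-Z0-9_]+)-(?P<sev>[0-7])-(?P<mnemonic>[A-Z0-9_]+):\s*(?P<text>.*)$"
)

def parse_ios_syslog(line):
    """Return a dict of fields, or None if the line is not a valid IOS-style message."""
    m = IOS_RE.match(line.strip())
    if m is None or int(m.group("pri")) > 191:  # max PRI = facility 23 * 8 + severity 7
        return None
    pri, sev = int(m.group("pri")), int(m.group("sev"))
    return {
        "syslog_facility": pri // 8,          # e.g. 23 = local7
        "ios_facility": m.group("facility"),
        "severity": sev,
        "severity_name": SEVERITIES[sev],
        "mnemonic": m.group("mnemonic"),
        "text": m.group("text"),
    }

def needs_attention(event, max_severity=4, watch_facilities=("SEC", "SEC_LOGIN")):
    """Assumed policy: flag warning-or-worse messages and any security-facility message."""
    return event["severity"] <= max_severity or event["ios_facility"] in watch_facilities

# Constructed sample datagrams using documentation-range addresses (not real traffic).
SAMPLES = [
    "<189>101: *Mar  1 00:05:12.004: %SYS-5-CONFIG_I: Configured from console by admin on vty0 (192.0.2.10)",
    "<187>102: *Mar  1 00:06:40.120: %LINK-3-UPDOWN: Interface GigabitEthernet0/1, changed state to down",
    "<190>103: *Mar  1 00:07:02.551: %SEC-6-IPACCESSLOGP: list 101 denied tcp 198.51.100.7(4431) -> 192.0.2.25(25), 1 packet",
    "<188>104: *Mar  1 00:07:30.900: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 198.51.100.7] [localport: 22]",
    "<13>Mar  1 00:08:00 mailhost sendmail[211]: not an IOS message",
]

def triage(lines):
    """Return (mnemonic, severity_name) for each parsed message that needs attention."""
    events = [e for e in map(parse_ios_syslog, lines) if e]
    return [(e["mnemonic"], e["severity_name"]) for e in events if needs_attention(e)]

if __name__ == "__main__":
    for mnemonic, sev in triage(SAMPLES):
        print(mnemonic, sev)
```

The access-list denial is logged at informational severity, so a filter based on severity alone would miss it; matching on the IOS facility as well keeps it visible.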