Hey everyone, Here's a little security question for you related to DMZs, firewalls, and backups. Our new Web server sits in a DMZ outside our school's main firewall and has a regular IP address. The rest of the district is NAT'd behind the firewall using a 10.*.*.* block. We have a tape library set up inside to back up all the file servers. Since we have a BackupExec setup, I'd like to install the Unix agent and backup the Web server files to the internal tape library. The firewall makes that more complicated. Here's the question: How 'bout putting a 2nd NIC in the Webserver and putting that NIC on the internal network? The 2nd one would get a 10.* IP address and shouldn't have any trouble accessing the tape library. It's certainly possible to prevent cross-traffic between the NICs, but I'm not sure if this setup is really "securable." How much trouble am I asking for? :-) Anybody have any advice? -Tim -- Tim Wilson | Visit Sibley online: | Check out: Henry Sibley HS | http://www.isd197.k12.mn.us/ | http://www.zope.org/ W. St. Paul, MN | | http://slashdot.org/ wilson at visi.com | <dtml-var pithy_quote> | http://linux.com/