Active Directory in Networks Segmented by Firewalls

Domain Controllers are increasingly being deployed on networks segmented by firewalls a common scenarios is a DC separated from clients in a perimeter network (also known as DMZ, demilitarized zone, and screened subnet).

The document on the following link provides best practices for deploying service domain controllers in segmented networks, procedures for configuring IPSec policies to protect traffic between domain controllers on opposite sides of a firewall, and recommended practices for managing these policies.

Active Directory in Networks Segmented by Firewalls
Tags:

About author

Vittorio Pavesi