SNMP Proxy into DMZ with ZoneRanger

Network partitioning via firewalls is a well-established strategy for improving security. A common embodiment of this strategy is the use of DMZ’s to create a degree of separation between network and computing assets that are exposed to external network traffic and the company’s internal network. The proliferation of DMZ’s has created a problem for network managers who need to manage DMZ devices using their existing network management applications, because essential management protocols such as SNMP may be blocked by the firewall. The same problem applies to systems management, security management, and configuration management applications, which may also rely on SNMP. This paper describes how SNMP proxy, as provided by Tavve’s ZoneRanger product, can be used to address this problem. Though the paper focuses on DMZ’s, the concepts described are equally applicable to management of any partitioned network architecture.

Download the pdf to read the full article