Comments on: About Split DNS http://blogs.isaserver.org/shinder/2006/11/04/about-split-dns/ Written by Dr Thomas W Shinder, consultant to Microsoft, HP and many Fortune 500 companies on ISA firewall and Web proxy deployments this blog is where administrators get information about ISA Server Universal Threat Management firewalls. Topics include how to manage, deploy, and troubleshoot ISA Server as a network firewall, Web proxy/Web cache, remote access VPN server and VPN gateway to provide a high level of network security for all corporate computers. Thu, 4 Dec 2008 21:26:45 +0000 http://wordpress.org/?v=MU by: AFlowers http://blogs.isaserver.org/shinder/2006/11/04/about-split-dns/#comment-57934 Thu, 11 Jan 2007 14:03:25 +0000 http://blogs.isaserver.org/shinder/2006/11/04/about-split-dns/#comment-57934 I too have been investigating the use of a split DNS within our organization, and have similarly set up a test bed. My test bed used the firewall's NAT and DNS functions to serve as the external DNS server. My internal DNS service is hosted on the AD domain controller. Everything works! I can't find any problems - security holes - with this approach. Are there any security holes? Related question: Would this approach eliminate the need for an internal domain (int.abc.com) with a separate name from the external domain (abc.com)? I too have been investigating the use of a split DNS within our organization, and have similarly set up a test bed. My test bed used the firewall’s NAT and DNS functions to serve as the external DNS server. My internal DNS service is hosted on the AD domain controller. Everything works! I can’t find any problems - security holes - with this approach. Are there any security holes?

Related question: Would this approach eliminate the need for an internal domain (int.abc.com) with a separate name from the external domain (abc.com)?

]]>