So for an assignment, we need to create a scheme (and eventually also the set-up) of a couple of servers in a network.
The 'networks' are:
- Internal network
- DMZ
- The internet
And the servers we need to place are the following:
- DNS Server
- Active Directory ([multiple] DC's)
- MSSQL server
- Webserver
- MS Exchange 2010 Server, split up in 3 parts: Client side, SMTP, and other functionalities (whatever those may be)
Now I was wondering which of these servers to put in the DMZ <-> internal.
The MSSQL server and AD server(s) should be placed inside the internal network. Of that I am quite sure (? :D).
The webserver and DNS server should be in the DMZ, right? I just dont know why, so any explanations about that would be greatly appreciated as well.
But then there are the three Exchange servers. I have absolutely no clue about where to place which part of these 3. Could anyone give some hints/tips and best practices about (mail)servers?
Also, to route/firewall these networks (internal, DMZ and internet), we use the Forefront TMG.
Any help is greatly appreciated!