Quote:
Originally Posted by mikester
+1 on the 'It depends'....
|
+1.
As already stated, "typical" users would access the Internet only through a proxy server.
If access is required "from" the Internet (to your servers, web sites, etc.) then a firewall DMZ would typically be in place so no one is accessing your network "directly", and techniques like NAT'ing (IP Network Address Translation) are implemented to "hide" your intranet's real addresses from the Internet.
VPN (Virtual Private Network) tunnels are one way to typically provide secure, encrypted access (in or out depending...).
Fundamental infrastucture components (DNS lookups for example) would need to be considered.
Those are just a few items to consider, but it really "just depends" upon your environment, your requirements (both for access and security) and how much you're willing to spend to protect yourself from the "Internet pandora's box"
.