Jump to content


24 degrees

Design question

Recommended Posts

I have an internal network and a DMZ. I have a couple of installation plans in mind listed below. I want to use SCCM to keep servers upto date with Windows patches and am particularly interested in using the maintenance windows feature within SCCM.

 

1) Setup central site server in the internal network to service internal servers and servers in the DMZ. Can you confirm which ports need to open, and will I be able to deploy updates in this manner?

 

2) Option 2, install a primary child site server in the DMZ, so the DMZ clients communicate with this. The primary child site server will then talk to the Central site server on the internal network and any management can be carried out from the internal network. One snag though, as I understand you cannot install SCCM without AD? If I were to create a NEW domain in the DMZ will the above scenario of Central site server and primary server work?

 

Thanks.

Share this post


Link to post
Share on other sites

Option 1. - Possible, you would need at least port 80/443, 445 and optional 8530/ 8531 (see: http://technet.microsoft.com/en-us/library/bb632618.aspx).

Option 2. - Possible, but it indeed needs an AD and you need to open some ports between the Sites (also see the link).

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.