Quoting Timothy Wilson (wilson at visi.com): > Here's the question: How 'bout putting a 2nd NIC in the Webserver and > putting that NIC on the internal network? The 2nd one would get a 10.* IP > address and shouldn't have any trouble accessing the tape library. > > It's certainly possible to prevent cross-traffic between the NICs, but I'm > not sure if this setup is really "securable." How much trouble am I asking > for? :-) > > Anybody have any advice? Danger! Danger! I saw Amy's post and I totally agree. Don't do it. How much data is on the web server? Do you want to do a full or incremental backup? What we have done is setup ssh in a very restricted fashion to ssh to the DMZ, and tar the contents of the web server across the ssh tunnel to a local box that is then backed up on the private network. This works well for a medium amount of data and is very secure. -- Bob Tanner <tanner at real-time.com> | Phone : (952)943-8700 http://www.mn-linux.org | Fax : (952)943-8500 Key fingerprint = 6C E9 51 4F D5 3E 4C 66 62 A9 10 E5 35 85 39 D9