July 20, 2004 at 4:46 am
We are planning an extranet at work. We have been thinking about our setup.
There will be:
My question is: Obviously, the web server will be sat in the DMZ, and the Intranet Web/SQL Server will be on the LAN, but where would you put the Extranet SQL Server so that it can be updated with data from the Intranet Web/SQL Server, and also allow the Web Server to execute stored procedures?
What is the best setup in terms of security?
July 21, 2004 at 1:24 am
If you have only one SQL Server (in the LAN) then what you can do is put the web server in DMZ and block all ports except port 80 from the internet. Then you can put the SQL Server in the LAN and only allow port 1433 to come in from the DMZ to LAN. This allows web server to talk to SQL Server in the LAN.
If you have 2 SQL Servers then two options are possibel:
-the 2nd SQL Server needs to be in the DMZ
-you can also put the extranet SQL Server in the LAN with a setup similar to onces mentioned above.
Jesbin
July 21, 2004 at 2:00 am
yeah i was thinking of putting the second sql server on the LAN, but just wasn't sure of the most secure setup. Do I want to set up linked sql servers between the LANand DMZ, or is it better to have a connection between the webserver and the sql server box between LAN and DMZ. Not sure of most secure setup.
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply