IIS outside - SQL inside

My company is in the process of moving our web server outside the firewall.
Currently all our Microsoft Access databases and our SQL database reside
on the web server. I want to move the databases to a server inside our firewall,
however I am concerned about communication between the web server outside
the firewall and the sql server and MS Access. What necessary steps do I
need to take to ensure proper communications?

[442 byte] By [Sidney Moore] at [2007-11-9 23:50:18]

«« Consistent cross platform message digests using SHA-1?
»» Accessing security information through COM

# 1 Re: IIS outside - SQL inside

Just be sure of adding a rule in the firewall that will allow traffic only
from the web server to your DB server.

"Sidney Moore" <sdmoore@hsojax.med.navy.mil> wrote in message
news:3d6a1868$1@10.1.10.29...
>
> My company is in the process of moving our web server outside the
firewall.
> Currently all our Microsoft Access databases and our SQL database reside
> on the web server. I want to move the databases to a server inside our
firewall,
> however I am concerned about communication between the web server outside
> the firewall and the sql server and MS Access. What necessary steps do I
> need to take to ensure proper communications?

Pablo Carmona at 2007-11-12 0:14:38 >

# 2 Re: IIS outside - SQL inside

"Sidney Moore" <sdmoore@hsojax.med.navy.mil> wrote:
>
>My company is in the process of moving our web server outside the firewall.
>Currently all our Microsoft Access databases and our SQL database reside
>on the web server. I want to move the databases to a server inside our firewall,
>however I am concerned about communication between the web server outside
>the firewall and the sql server and MS Access. What necessary steps do I
>need to take to ensure proper communications?

You're making the right move. In almost all cases databases should be inside
the firewall and not on a web server. Depending on the database and how
the calls to it are made, you also can lock down the firewall traffic to
specific ports between the two servers. It's important, of course, to ensure
usernames and passwords are not stored in code on the web server, and if
possible to send them encrypted when traversing client/web server/database
server.

jane sowerby at 2007-11-12 0:15:38 >

# 3 Re: IIS outside - SQL inside

Putting the IIS box outside without a screening router or firewall in front
sounds a bad idea... that would mean opening 1433 on your firewall... keeping
in mind the recent Slammer worm that does'nt sound too robust!!

I'd suggest putting the IIS box into a DMZ at least...

HTH,

Arvind Shyamsundar
Brainbench MVP for Internet Security
http://www.brainbench.com

Arvind Shyamsundar at 2007-11-12 0:16:37 >

This is a Technology portal site for all the developer, It's a community, here you can post your question when you are learning, working, and soso...we'll make it better than yesterday Everyday...

IIS outside - SQL inside

Developer Tech

All Classified

Developer Tech New Topic

Developer Tech Hot Topic