Re: security question
From: Mark Allison (marka_at_no.tinned.meat.mvps.org)
Date: 08/11/04
- Next message: Gary: "Re: Changing SQL authentication method"
- Previous message: Narayana Vyas Kondreddi: "Re: Adding columns to table with 3 millions rows"
- In reply to: stan: "security question"
- Next in thread: stan: "Re: security question"
- Reply: stan: "Re: security question"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 11 Aug 2004 12:50:16 +0100
stan,
Put the SQL Server in its own DMZ. Then only allow communication from
the web server to the SQL Server through a single port. Do not allow SQL
Server direct access to the web or the lan.
Allow access from the lan to the SQL Server (so you can manage it). You
will need to think about backups - possibly have a tape drive directly
attached to SQL Server, or perhaps another server in the DMZ.
-- Mark Allison, SQL Server MVP http://www.markallison.co.uk Looking for a SQL Server replication book? http://www.nwsu.com/0974973602.html stan wrote: > Hello: > > Just a general question. What is the best way to protect data gathered from > a website that is written to a sql database. My decision was to place the > web server in dmz and backend sql with database behind firewall. Our web guy > contends that because we have to open ports from WEB (dmz) to LAN > (sqlserver) to allow the communications between web server and DB, that the > SQL server is just as vulnerable to attack through the open ports dmz to > lan. > > Anyone shed any light on this. > >
- Next message: Gary: "Re: Changing SQL authentication method"
- Previous message: Narayana Vyas Kondreddi: "Re: Adding columns to table with 3 millions rows"
- In reply to: stan: "security question"
- Next in thread: stan: "Re: security question"
- Reply: stan: "Re: security question"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
