 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
SQL Server Forum / General / Security / June 2005SQL server; put SQL in DMZ or internal network ?
My company.com main website (Win2003 Server, IIS6.0) pulls data from a SQL database. The SQL database is currently housed in myMainSQL server (which is SAN connected in the internal network). I am working on a project now to place all web servers behind a reverse-proxy (ISA). Question I have is this: Is it recommended to place such SQL server in the "DMZ", or since the webserver will be "protected" by a reverse proxy it will be OK keep the SQL db in my internal network, as is now ? If I place the SQL server in the DMZ (server joined to a workgroup), I would need to open ports for data backup, MOM agents and SMS agent reach the SQL server, in addition to spend more money with an additional server and licenses. I'd appreciate if you give your input on this. Hi Think of this. If SQL Server is in your corporate network, and your hacker can use tactics like SQL Injection and where no tight security model exists, the Internal network is open to the hacker. Regards -------------------------------- Mike Epprecht, Microsoft SQL Server MVP Zurich, Switzerland IM: mike@epprecht.net MVP Program: http://www.microsoft.com/mvp Blog: http://www.msmvps.com/epprecht/ > My company.com main website (Win2003 Server, IIS6.0) pulls data from a SQL > database. The SQL database is currently housed in myMainSQL server (which [quoted text clipped - 14 lines] > > I'd appreciate if you give your input on this. |
Reply to this Message |
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2009 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.