Firewall Wizards mailing list archives
RE: Web/database server setup question...
From: "Scott, Richard" <Richard.Scott () bestbuy com>
Date: Thu, 2 Mar 2000 15:02:33 -0600
Inline: Richard Scott BestBuy.Com * Tel: 001-(612)-995-5432 * Fax: 001-(612)-947-2005 * Best Buy World Headquarters 7075 Flying Cloud Drive Eden Prairie, MN 55344 USA The views expressed in this email do not represent Best Buy or any of its subsidiaries. I've been assigned to come up with a setup for our web and database servers so that they can be reasonably secure. The basic setup will be web server, a database server and a process application server (between the web and db server). These will be on their own, ie no intranet connected to them or anything. My question is this, what would be a reasonable setup? Is a firewall needed, or a router will be enough blocking everything except for ports 80 and 443? It really depends on what you want to protect and the amount of downtime you are willing to accept. If the information on the database isn't critical, just advertising blah, then you may feel it needs some protecting, but as much as you would want to protect customer information. As far as a web server, well, like I said, it depends on what exactly you are doing. It can't hurt to put in place some filtering of packets, just to ensure stability of the application, a firewall too would be beneficial. You may need to look at the application server and see if it houses any special DCOM/ Remote components that tunnel things through your firewall etc. Reasonable is something that you can only determine, pending what you want to house and put up on the net. If you are going to set up an ecommerce site then you would want adequate security to protect the data integrity of the site and application itself from coming under DoS. Assuming nothing, I would advocate placing a firewall or some screening solution in front of your web server (Load balancing?), then place some added protection between your DB and you application server, whether you need to add another firewall or not it's up to you. A better detail of the scenario would achieve better results I would guess from this list! Thanks, Theo
Current thread:
- Web/database server setup question... tdoyiako (Mar 02)
- <Possible follow-ups>
- RE: Web/database server setup question... Scott, Richard (Mar 02)
- RE: Web/database server setup question... Squire, Jonathan (Mar 05)