Firewall Wizards mailing list archives

A few sql 2000 related questions


From: "Mike LeBlanc" <mlinfosec () comcast net>
Date: Sat, 12 Feb 2005 08:40:25 -0500

Folks,
I'm new to the list, so forgive me if the questions have been asked before.

1/ First, are there "best practices" relating to security MONITORING of
sql servers?  And tools to do so?  We have a copy of bindview for SQL.  I
haven't had a chance yet to look over it.

2/ We currently are running a web server that has SQLServer 2000 on it.
Again, I haven't had time for an exhaustive review, but I don't think the SQL
connection is "protected" using ssl (which I have been led to believe is best
practice). So for "back office" connections, is ssl best practice? What about
taking SQL OFF that machine?  The current protection goes as follows:

inet -> fw->(ssl) dmz (reverse proxy)->fw->web server running IIS/SQL-->back office fw-->SQL "feeders"

The current solution is completely outsourced, but we are planning to change
that this year to just web hosting where we have more control.

One proposal I have is the following

inet-->IPS-->fw->dmz (ssl) web server->fw->(ssl)sql server->vpn(with acls)->back office fw dmz->(ssl)back office feeder servers

comments?

other proposal is

inet-->IPS-->fw->(ssl) inverse proxy->fw->(ssl) web server ->(ssl)sql server->vpn(with acls)->back office fw dmz->(ssl)back office feeder servers

comments?

Thanks for your feedback,
-ML

