Firewall Wizards mailing list archives
Re: DMZ and critical data
From: "Pedro Henrique Morsch Mazzoni" <phmazzoni () gmail com>
Date: Wed, 26 Jul 2006 18:38:52 -0300
My decision is to proxy the access to the sql server. A proxy will be located in the DMZ and the sql server on the secure network. I am thinking of use a Socks server on the proxy. Anyone have already used? Any other sugestion to this proxy? Thanks a lot! Pedro Mazzoni 2006/7/18, Carric Dooley <carric () com2usa com>:
I typically suggest replicating the required data to a back-end data DMZ host. If you have to provide access to it, do it in the most secure means possible. I could see where this would cause some issues if it has to be updated real-time from the client, but if you approach it (as you seem to be) with the idea of never allowing untrusted networks connect to trusted networks, you are on the right track. On Fri, 7 Jul 2006, Pedro Henrique Morsch Mazzoni wrote:Hello, I am doing a project of network security to a friend of mine. We will do a back-to-back DMZ, with a external and a internat firewall. In our project, only the web and mail servers stay in DMZ. But the company wants to access a webbased application from the internet. The webserver needs access to a file and a database server, but the data on this server is critical. My sugestion is to put a webserver in the internal network and configure a Vpn, but it is not possible for the client. I donĀ“t want to put the file and database servers on the DMZ, put if I put it on the internal network the webserver on the DMZ has to access the server, wich compromises my security. Any sugestions? Pedro Mazzoni _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards-- Carric Dooley COM2:Interactive Media USA _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- DMZ and critical data Pedro Henrique Morsch Mazzoni (Jul 09)
- Re: DMZ and critical data Carric Dooley (Jul 18)
- Re: DMZ and critical data Pedro Henrique Morsch Mazzoni (Jul 27)
- Re: DMZ and critical data Carric Dooley (Jul 18)