Web Server setup - DMZ. - Website Technology Issues forum at WebmasterWorld

Forum Moderators: phranque

Message Too Old, No Replies

Web Server setup - DMZ.

engasi

4:46 pm on Aug 15, 2003 (gmt 0)

Our website is JSP-based. It used to be hosted in the ISP. Now we plan to move webserver and database(SQL Server) in house. From security point of view, how should I set up the web server and database server along with our current compan network? Someone suggest DMZ. Could anyone provide me some info or links discussing about similar issues? Many thanks in advance.

Engasi

txbakers

5:18 pm on Aug 15, 2003 (gmt 0)

I'm not entirely the expert on DMZ, but essentially it goes like this:

Your company has a Firewall with port 80 open. The webserver resides behind this firewall so that web pages can be served to the public.

Your company has another firewall with port #### open. (random #)The database resides on a server behind this firewall. The connection from the webserver to the database is made on port ####, which is not available to the outside public.

Also, the inside server can have an internal IP address, while the webserver can have both an internal and external IP address.

engasi

6:46 pm on Aug 15, 2003 (gmt 0)

Txbakers,

Thanks for your message. By the way, we have ISA Server 2000 as the firewall. How about the company internal network (file server, exchange server, printing server, etc.) Will the database server be behind the same firewall with internal network?

Thanks,
Engasi

txbakers

7:42 pm on Aug 15, 2003 (gmt 0)

Yes, the database would be behind the company firewall.