[fw-wiz] Access to internal resources

From: Nathan Casey (ncasey_at_sonoma-county.org)
Date: 06/22/04

  • Next message: Mason: "Re: [fw-wiz] Web server security?"
    To: <firewall-wizards@honor.icsalabs.com>
    Date: Tue, 22 Jun 2004 05:22:12 -0700
    
    

    We have SQL data which can currently be viewed on our internal Intranet by select employees. Access to the SQL data site is controlled by NTFS permissions.
    Now, we are required to make the same SQL data available over the internet to the same group of people that have internal access.
    Our external web server is in a PIX DMZ separate from our internal network. Would it be possible to use MS ISA server to act as a reverse proxy to allow external users access SQL data in a browser over the public internet?

    Internet Router
    (Public IP)
    |
    |
    PIX FIREWALL
    |
    |
    Web server
    |
    |
    PIX FIREWALL
    *internal Network*
    |
    |
    ISA SERVER
    |
    |
    SQL SERVER DATA
     
     
    The current intranet sight is just a web page that allows users to search
    a records DB containing real estate info (http://intranet/houses). The
    users that access this page have only read access to the table containing
    the info.
    When the user accesses the page they are prompted for a username and
    password to access the information (Domain username and password).
    They now need to be able to access the same info from the internet in the
    same manner. Only the users that can access the intranet site should be
    able to access the internet site (www.sonoma.com/houses) and the SQL data.
    Would the web server in the PIX DMZ point to the ISA server as the
    location of the SQL DB, and then forward the request to the SQL server?
    Thank you for the advice!

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


  • Next message: Mason: "Re: [fw-wiz] Web server security?"