[fw-wiz] DMZ and critical data



Hello,

I am doing a project of network security to a friend of mine.
We will do a back-to-back DMZ, with a external and a internat firewall.
In our project, only the web and mail servers stay in DMZ.
But the company wants to access a webbased application from the internet.
The webserver needs access to a file and a database server, but the
data on this server is critical.
My sugestion is to put a webserver in the internal network and
configure a Vpn, but it is not possible for the client.
I don´t want to put the file and database servers on the DMZ, put if I
put it on the internal network the webserver on the DMZ has to access
the server, wich compromises my security.

Any sugestions?

Pedro Mazzoni
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards



Relevant Pages

  • Linux, New Corporate Network, Cisco Routers, T1 Ethernet Handoff, DMZ...
    ... I am setting up a network for a company that I am part owner of. ... internet go into my Cisco 2621 router that has 3 10/100Mbs FE interfaces. ... the same switch creating the "sandwich" DMZ setup with the public devices in ... PBX server that uses a straight VoIP connection all the way to our service ...
    (comp.os.linux.networking)
  • New Corporate Network, Cisco Routers, T1 Ethernet Handoff, DMZ...
    ... I am setting up a network for a company that I am part owner of. ... internet go into my Cisco 2621 router that has 3 10/100Mbs FE interfaces. ... the same switch creating the "sandwich" DMZ setup with the public devices in ... PBX server that uses a straight VoIP connection all the way to our service ...
    (comp.security.firewalls)
  • Re: SBS2000 and a DMZ
    ... This network is my HOME network that I use as a test bed to learn things ... the systems in the DMZ are my sons desk tops and laptops. ... but could not get CDDB(an internet service that is used to identify music ... The W2K3 server is a recent addition and wanted it for storage of the boys ...
    (microsoft.public.backoffice.smallbiz2000)
  • Re: Is Remote Desktop Web Connection secure?
    ... 80 or 443 to an IIS Server. ... I'd opt for the SSL VPN in DMZ Option, i.e. using AEP Networks NSP or Citrix ... open up your internal network directly to the internet is just asking ...
    (microsoft.public.windows.terminal_services)
  • Re: Help with security design documentation
    ... Not sure if you are quoting me with "we have a private network ... network to talk to the empty DMZ". ... managed 10/100 switch with 1000Mb/s port for DC server connectivity. ...
    (microsoft.public.security)