Re: Network question

From: leemer (kcirelli@powernetworks.biz)
Date: 10/26/02 

From: "leemer" <kcirelli@powernetworks.biz>
Date: Sat, 26 Oct 2002 15:58:14 GMT

I very much agree with NeoSadist.....that is very HUGE. You need to know
allot about network architecture as well as firewall architecture to make
that kind of decision...not to mention if anyone that actually does answer
that question would damn near type a book to "try" to explain all the ins
and outs of what your asking.

Not to be a smart ass.....( I never flame anyone in newsgroups)....but it
really doesn't sound like you should be doing that kind of work "solo" if
you have to ask a question that insinuates you have little or no knowledge
about architecture/security.

BUT...to quickly answer you...here's the 40,000 foot view;

Firewalls usually touch the internet and protect your DMZ and backend
networks.. which hang off your firewall.
DB servers usually reside in the backend (privately addressed network
segment) of the network and web/apps servers typically reside in the DMZ and
through rules you put in the firewall...these webservers are permitted to
talk through the firewall, to the backend DB servers.

Also...any of what I just said is subject to change based on your current
architecture, security requirements.....there's quite allot involved and
many ways to do it. What I just explained is sort of an industry standard
I've become used to based on 10 years of network and security
consulting.....but again, there is more than 1 way to do this. Good luck to
you though.

"Max7" <joan_toh@hotmail.com> wrote in message
news:ap7ppt$p7o$1@mawar.singnet.com.sg...
> Hi all,
>
> I am interested in finding out the various architecture methods for
securing
> a globally used web-based application. This means, where do i place the
> firewalls, dmz, app server, db server etc...
>
> Could anyone help, thanks very much.
>
> Max
>
>
>
>

Relevant Pages

  • RE: Secure Network Design (DMZ, LAN, etc)
    ... you'll see that their both on the same subnet. ... It has a port for the trusted network and a port ... Our firewall handles NAT. ... > servers, wouldn't it require a public IP and therefore be somewhat ...
    (Security-Basics)
  • Re: Network question
    ... allot about network architecture as well as firewall architecture to make ... which hang off your firewall. ... DB servers usually reside in the backend (privately addressed network ...
    (comp.security.firewalls)
  • Re: Network question
    ... allot about network architecture as well as firewall architecture to make ... which hang off your firewall. ... DB servers usually reside in the backend (privately addressed network ...
    (microsoft.public.win2000.security)
  • RE: [fw-wiz] Security Audit and Priorities
    ... Learn your network. ... - Linux Security Cookbook ... Building Secure Servers with Linux ... It's one thing to be a firewall admin and write ...
    (Firewall-Wizards)
  • Re: terminal services quirkyness question
    ... When you ssh into your Firewall you are Basically inside your Network ... will have to change the default port that TS listens too... ... Open the Ports in your Firewall and Point them to your servers, ...
    (microsoft.public.windows.server.sbs)