Backend SQL Networking Questions
From: Tim Meyer (tim@quickservicesoftware.com)
Date: 12/01/02
- Next message: Stamey: "Re: Difficult qualified name problem"
- Previous message: Dejan Sarka: "Re: security for Hierarchical data model allowing users to access data specific to their region"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Tim Meyer" <tim@quickservicesoftware.com> Date: Sun, 1 Dec 2002 15:07:45 -0400
First off, thanks for any input you might have. This is going to deal
mostly with network security and how to best access my SQL DB.
I currently have 3 machines on our internal network that run WLBS (wink2k
AS) to host a website that connects to our backed SQL DB. Each system has
2 nics and is running WLBS in unicast mode. I'm using 1 to 1 nat on our
firewall to allow
access to the internal load balanced IP. What I want to do is to move these
3 systems to our DMZ and assign an external IP to the cluster and eliminate
NAT.
What I need to know is could I move the load balanced nic on each of these 3
machines to the DMZ (with the appropriate tcp/ip param of course) and still
have my other NIC connected to the LAN switch without leaving our internal
LAN open to hacking?
Requests made to the load balanced IP will need to pull data from our
backend SQL DB. How should this be handled? Should I just allow access
from that external IP on the SQL port # into the LAN? Or is there someway
that I can have the the machine that handles the request to use it's other
NIC (domain) to connect to the SQL DB and then transfer back over the
external IP.
If I'm way off base here let me know. I can take critisism with the best of
them.
Thanks
Tim
- Next message: Stamey: "Re: Difficult qualified name problem"
- Previous message: Dejan Sarka: "Re: security for Hierarchical data model allowing users to access data specific to their region"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
