Re: To DMZ or not DMZ
From: Steve Thompson (stevethompson_at_nomail.please)
Date: 12/22/04
- Next message: Steve Thompson: "Re: Developer has SA registration details"
- Previous message: Roger Abell: "Re: Cached Logon"
- In reply to: Peter Kaufman: "To DMZ or not DMZ"
- Next in thread: John Bell: "Re: To DMZ or not DMZ"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 22 Dec 2004 09:45:03 -0500
"Peter Kaufman" <pmkdatabase_at_yahoo_dot_ca> wrote in message
news:me4is01h9f3qbm3d10g7k2r73fir3551vo@4ax.com...
> I have an sql database that is accessed both from Intranet and a few
> users on the Internet. I am having a hard time deciding whether to put
> the database server on a DMZ and set up a second one for internal
> usage or just continue on with the server behind a good firewall but
> on the LAN, and a member of the internal domain.
>
> It is going to be a hassle (and expensive) to use two SQL servers for
> this - not only will I have to keep them synced, now the outside users
> authenticate with AD user names/passwords.
>
> What would you guys do?
There may be a third option, which is keep the server internal and use a
secure VPN tunnel to connect.
However, look at any proposed solution from a hackers point of view, in
which location is the server OS and SQL Server more easily compromised?
Would you keep company sensitive data on a server in the DMZ? What is the
cost if this data were exploited?
Steve
- Next message: Steve Thompson: "Re: Developer has SA registration details"
- Previous message: Roger Abell: "Re: Cached Logon"
- In reply to: Peter Kaufman: "To DMZ or not DMZ"
- Next in thread: John Bell: "Re: To DMZ or not DMZ"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
