Re: Shopping cart architecture IIS<->SQL
- From: "Daniel Crichton" <msnews@xxxxxxxxxxxxxxxx>
- Date: Tue, 30 Sep 2008 16:58:41 +0100
Ron wrote on Mon, 29 Sep 2008 11:47:33 -0700:
I need a shopping cart like setup where IIS is in a DMZ on the
Internet, but how do I securely have the web server talk to a SQL
server where the order will be kept? If I open the Firewall back to an
internal SQL seems like a port I should not open. Any links to white
papers on best practices ?
TIA
Personally, I have IIS write to a SQL Server in the DMZ which contains the
read only product data and the order data, and use SQL Replication via a
Pull subscription to grab that data to another SQL Server inside my LAN at
which point the order data is "cleaned" to only have data left that is
required for order tracking on the website itself. This way the full order
data exists for only a short time on the DMZ server, and I don't have to
allow the IIS or SQL Server in the DMZ to open connections into the LAN.
--
Dan
.
- References:
- Shopping cart architecture IIS<->SQL
- From: Ron J
- Shopping cart architecture IIS<->SQL
- Prev by Date: Re: SQL Server 2005 and security patch issues?
- Previous by thread: Shopping cart architecture IIS<->SQL
- Next by thread: Domain Logins required if member of Domain Group?
- Index(es):
Relevant Pages
|
