Hi, there is another solution for accessing an internal SQL server from a web server in DMZ, WITHOUT opening connexions through the firewall from the DMZ to the internal network. It's a software called "NetSecure Web", from the french company NetSecure Software. On the one hand, you've got an empty web server on the DMZ, which just buffers incoming requests from the Internet. On the other hand, the real web server is in the internal network and polls about every second (configurable) the server on the DMZ and gets this way the buffered requests without any connexion opened from the DMZ throughout the firewall: the connexions are opened from the internal network towards the DMZ, which is much much more secure. When the internal server has got the requests, it can ask an internal SQL server for data (no such big security problem) and then sends back to the DMZ server the web pages for the Internet clients. This product is about 2 years old and is used in production in several big companies already. NetSecure Software is a Paris company, but has a branch in Montreal, Canada. Take a look at www.netsecuresoftware.com . Have a nice day! Francois ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:02:42 PDT