I was hired as a entry level network person with no experience, but am learning as I go so please bear with me.
Our company currently as an internal SQL server that is replicated to a server in the DMZ and then web requests for this data is against the DMZ SQL data and not the live server. This was put into place due to security concerns a long time ago, but now they want to change this.
My boss asked me how banks and other sensitive companies host live data on their websites without concern for security risks. I don't know what banks do since I've never worked at one, but I was wondering if anyone could tell me how they do it at their company?
Here is the proposed plan for our company:
Internet --> DMZ --> Web Server --> INTERNAL --> SQL Server
They want to get rid of the replication and punch holes in the internal firewall for the SQL port and have web users be able to get queries run on live data.
Any opinions?
Oh yeah, we're running a Cisco Pix as our firewall and there are already some things that myself as a noob see wrong with it so hopefully I can get that part cleaned up.
Thanks.
Our company currently as an internal SQL server that is replicated to a server in the DMZ and then web requests for this data is against the DMZ SQL data and not the live server. This was put into place due to security concerns a long time ago, but now they want to change this.
My boss asked me how banks and other sensitive companies host live data on their websites without concern for security risks. I don't know what banks do since I've never worked at one, but I was wondering if anyone could tell me how they do it at their company?
Here is the proposed plan for our company:
Internet --> DMZ --> Web Server --> INTERNAL --> SQL Server
They want to get rid of the replication and punch holes in the internal firewall for the SQL port and have web users be able to get queries run on live data.
Any opinions?
Oh yeah, we're running a Cisco Pix as our firewall and there are already some things that myself as a noob see wrong with it so hopefully I can get that part cleaned up.
Thanks.