<div>
Its always better to have the web server in DMZ as lrmoore mentioned....Then its up to you how comfortable you are with the various resources to secure the server n communication between WEB Server &amp;&nbsp;DB server...
</div>


Its always better to have the web server in DMZ as lrmoore mentioned....Then its up to you how comfortable you are with the various resources to secure the server n communication between WEB Server & DB server...

<div>
<div class="content wysiwyg-content">
We are going to be moving a website out onto the internet and are trying to determine the best way to secure it. &nbsp;The site will consist of a web server that is grabbing data from a SQL database server from within the network. &nbsp;We are currently using a PIX515E firewall with everything from the outside denied except our e-mail spam service. &nbsp;Would we be better off from a security standpoint utilizing the DMZ interface on the PIX or forwarding incoming port 80 requests to the webserver directly?
</div>
</div>


We are going to be moving a website out onto the internet and are trying to determine the best way to secure it.  The site will consist of a web server that is grabbing data from a SQL database server from within the network.  We are currently using a PIX515E firewall with everything from the outside denied except our e-mail spam service.  Would we be better off from a security standpoint utilizing the DMZ interface on the PIX or forwarding incoming port 80 requests to the webserver directly?

Securing a website

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.