reading database behind a firewall

Is there any difference in reading data from databases(using jdbc)which are behind a firewall? Do i have to use special tools?
twgAsked:
Who is Participating?
 
comermConnect With a Mentor Commented:
There is ccertianly a difference in reading a database that is behind a firewall.

Specifically, each database vendor (or a third party) implements a driver for your use in accessing the db. This driver provides a number of services to you, but in this case the most important for discussion is the network protocol. Each database vendor (for the most part) has implemented their own proprietary network protocol for communicating with their database - e.g. SQL*Net for Oracle, etc. The protocol is typically capable of accessing the db using one or more protocol stacks, i.e. TCP, IPX/SPX, etc. In the case of TCP/IP, the driver typically communicates between the client and server using one or more connections at various TCP port numbers.

Of course the job of the firewall is to restrict communication across it to acceptable protocols, between acceptable hosts, using acceptable TCP or UDP ports, etc.

If enough is publically known about the network protocol used by your particular db server, then it may be possible to configure your firewall to permit communication with the database. (In fact, I believe that some firewalls provide configuration scripts for some well known protocols - again SQL*Net springs to mind.)

If your firewall cannot be properly configured, then the other option is to develop a server which resides INSIDE the firewall boundry and presents data to the clients in a way that is acceptable to the firewall, i.e. via HTTP or some other protocol.
0
 
Ravindra76Commented:
Informative
0
 
cam_ratCommented:
All a firewall does it block unnecessary ports. And allow ones which are necessary eg port 80 for http.
in my case Sybase woudl be using port 2638.
so its as simple as changing your firewall to allow that port through...
Just find out which port your database communicates with  and allow it through the firewall..
If you have no access to the firewall..
I can't see there is much you can do.
0
 
comermCommented:
cam rat, this is not completely true... Many firewalls are actually proxy servers - meaning that they stand inbetween client and server and are involved in the protocol. This makes things more complicated.

However, I believe that it is true that all can be configured to allow unrestricted traffic (i.e. no proxy function) on certain ports. Hoewver, then you have to know the ports involved. To make things even worse, some protocols (like FTP for example) initiate connections on a known port, but then spawn other connections on other ports as needed (the FTP control channel versus the data channels.) I am not sure if any of the db vendor's protocols do this.
0
All Courses

From novice to tech pro — start learning today.