setup IIS, sql server behind firewall or....?

Currently we have 1 box for both IIS & sql server.
I would like to separate these into two servers, and which of the following setup is better and why?
1. setup the firewall between IIS (in front) and sql server 2000 or
2. setup IIS and sql server 2000 behind the firewall.

thanks for help!
jackieyehAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
jdlambert1Connect With a Mentor Commented:
Yes, if your ISP is installing your firewall, they should be able to configure it for you. Your IIS will need to be configured correctly, but if that's taken care of, I don't think and code would need to be changed for communication between IIS and SQL Server, unless you have IP addresses hard-coded.
0
 
jdlambert1Commented:
Ideally, your firewall should create 3 zones: the public interface to your ISP, a DMZ, and the corporate LAN. In this scenario, you should put your IIS server in the DMZ and your SQL Server on the Corporate LAN, and configure the firewall to allow no connections to your SQL Server from the public, only allow connections from the IIS service from the DMZ to SQL Server. This won't block LAN connections to your SQL Server, since local traffic won't have to go through the firewall to get to it.
0
 
arbertCommented:
Agree with the above...Typical setup....
0
Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

 
jackieyehAuthor Commented:
thanks for the response.  Since we have limited knowledge about the firewall, we have the hosting company setup the firewall for us.   In this case, they should configure the connection for us right?
Is there any change I need to make in my .net code for access the db?   thanks again.
0
 
arbertConnect With a Mentor Commented:
"Is there any change I need to make in my .net code for access the db? "

You'll probably have to use a IP address in your connection instead of the server name (if you coded it with a server name).
0
 
jackieyehAuthor Commented:
many thanks experts!! :)
0
All Courses

From novice to tech pro — start learning today.