• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 479
  • Last Modified:

Securing a website

We are going to be moving a website out onto the internet and are trying to determine the best way to secure it.  The site will consist of a web server that is grabbing data from a SQL database server from within the network.  We are currently using a PIX515E firewall with everything from the outside denied except our e-mail spam service.  Would we be better off from a security standpoint utilizing the DMZ interface on the PIX or forwarding incoming port 80 requests to the webserver directly?
1 Solution
Personal opinion - go with the web server on the DMZ and create an IPSEC secpol connection between the web server and the database server, allowing only this encrypted data stream through the PIX from the DMZ to the Inside.
Its always better to have the web server in DMZ as lrmoore mentioned....Then its up to you how comfortable you are with the various resources to secure the server n communication between WEB Server & DB server...
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now