Working on a network diagram. I have an outside interface, DMZ with web server connecting to SQL. Should the SQL be behind the DMZ, or in the DMZ? SQL needs to connect to Exchange only for mailing internally, nothing external. I wish we could draw pictures for this .....
Outside Interface <---------->DMZ (Web Site, SQL) DMZ -----------> Secure Network (Exchange Backend)
Outside Interface <---------->DMZ (Web Site) DMZ -------------> Secure Network (Exchange Backend, SQL)
Now for the question. Which method is preferred? What do I have to allow through the DMZ to internal in order for SQL to talk to exchange for option 1?