SQL 2008 Replication to DMZ Security

Posted on 2009-02-09
Last Modified: 2012-12-05
I have 2 SQL Server 2008 servers. One located in an internal domain and the other located in a DMZ facing the internet. The one in the domain is replicating one-way to the SQL server in the DMZ.

In order for them to talk to each other I had to open a port on the firewall and also had to create a persistent route locally on each server.

This leaves a big security hole, I think, because if someone were able to take over the server in the DMZ, they would have complete access to the server in the domain.

How can I do one-way replication in a secure way?
Question by: junglecom

    Accepted Solution

    Hi junglecom-

    You should not need to have the persistent route; the default route on the servers should be sufficient. If you do, you could use NAT and NAT the inside SQL server to an IP address on the DMZ so the DMZ SQL server wouldn't have to know anything about where the inside server is.
    To force the replication to only work from the inside to the DMZ, you could restrict the SQL traffic from the DMZ to the inside using the established keyword at the end of the ACL. This would only allow traffic from the DMZ to the inside that is a response to traffic that originated from the inside.

    Let us know if you need any help setting this up.
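
The `established` restriction described in the accepted solution, modelled as an added example (not part of the original answer and not any vendor's code): a first-match ACL evaluator applied to traffic arriving from the DMZ. The addresses, port 1433 (SQL Server's default instance port) and all names are assumptions.

```python
from dataclasses import dataclass
from typing import Optional

ACK, RST, SYN = 0x10, 0x04, 0x02  # TCP flag bits
# Constructed addresses: inside publisher and DMZ subscriber (assumptions).
INSIDE_SQL, DMZ_SQL, SQL_PORT = "10.0.0.10", "192.0.2.10", 1433

@dataclass(frozen=True)
class Segment:
    src: str
    sport: int
    dst: str
    dport: int
    flags: int

@dataclass(frozen=True)
class Rule:
    action: str             # "permit" or "deny"
    src: str                # host address or "any"
    sport: Optional[int]    # None means any port
    dst: str
    dport: Optional[int]
    established: bool = False

    def matches(self, s: Segment) -> bool:
        if self.src not in ("any", s.src) or self.dst not in ("any", s.dst):
            return False
        if self.sport not in (None, s.sport) or self.dport not in (None, s.dport):
            return False
        # "established" matches only segments with ACK or RST set, never an initial SYN.
        return not self.established or bool(s.flags & (ACK | RST))

def evaluate(acl, seg):
    """First matching rule wins; the ACL ends with an implicit deny."""
    for rule in acl:
        if rule.matches(seg):
            return rule.action
    return "deny"

# ACL applied to traffic arriving from the DMZ toward the inside network.
DMZ_TO_INSIDE = [Rule("permit", DMZ_SQL, None, INSIDE_SQL, None, established=True)]

def replication_flow():
    """Verdicts for a reply to an inside-initiated session and for a DMZ-initiated one."""
    reply = Segment(DMZ_SQL, SQL_PORT, INSIDE_SQL, 50123, SYN | ACK)
    new_conn = Segment(DMZ_SQL, 50123, INSIDE_SQL, SQL_PORT, SYN)
    return evaluate(DMZ_TO_INSIDE, reply), evaluate(DMZ_TO_INSIDE, new_conn)
```

The keyword inspects only the TCP flags of each segment and does not track sessions, so a stateful firewall rule that permits only inside-initiated connections gives the same one-way behaviour with stricter checking.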


    Author Comment

    I just started on ISA so I would LOVE your help.
