I have a design question.
I would like to keep a website hosted offsite. We will be using an internal application that hits the database via windows authentication every day, while external users would be hitting it via the hosted external website. Their changes would be added to the same database after some validation checks.
My thought is to open up a port in the firewall to allow database access (SQL Server 2008) for the external web server and have it access the database on our LAN.
- Would this be a viable security model? If not, how are applications like this usually deployed?
- Will the performance be horrible for external users without a database sitting closer to the web server?