So I have to set up a Web server with a SQL server. I want to set up the Web server in the DMZ and have the SQL remain in the LAN. I was going to do this.
allow port 80 block port 80
block port 1433 allow port 1433
Users in the LAN also need to access the Webserver in the DMZ plus admins will need to be able to access the webserver,
My question....If I allow services needed from LAN to DMZ will that be safe enough? Does my setup sound right? I know its not going to be perfect but I want it to be as good as I can.
Also, we are using a Sonicwall firewall.