Implement 2 -tier firewall architecture.Configure FW2 to allow only specific
ports toaccess the fileserver from the webserver.
Internet -- > FW 1--> DMZ (webserver) ---> FW 2---> Filesever (internal network)
On 7/7/06, Pedro Henrique Morsch Mazzoni <phmazzoni@gmail.com> wrote:> Hello,>> I am doing a project of network security to a friend of mine.> We will do a back-to-back DMZ, with
a external and a internat firewall.> In our project, only the web and mail servers stay in DMZ.> But the company wants to access a webbased application from the internet.> The webserver
needs access to a file and a database server, but the> data on this server is critical.> My sugestion is to put a webserver in the internal network and> configure a Vpn, but it is not
possible for the client.> I donÂt want to put the file and database servers on the DMZ, put if I> put it on the internal network the webserver on the DMZ has to access> the server,
wich compromises my security.>> Any sugestions?>> Pedro Mazzoni>> -------------------------------------------------------------------------> Sponsored by: Watchfire>>
Securing a web application goes far beyond testing the application using> manual processes, or by using automated systems and tools. Watchfire's> "Web Application Security: Automated
Scanning or Manual Penetration> Testing?" whitepaper examines a few vulnerability detection methods -> specifically comparing and contrasting manual penetration testing with>
automated scanning tools. Download it today!>> https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008Vmm>
-------------------------------------------------------------------------->>
