I think that the 3 Tier issue is really one of performance, not security., If you can compromise the 1st tier, you can compromise the second, and then the third. Anywhere there is a hole in the firewall there is an opportunity to break in. Tiers just add layers and make it more complicated. However, on the performance side application servers can help with the load. It is easy to conceive of an application where for example, I would want 2 web servers (tier 1), 5 application servers and 1 database server. This lets me scale my app servers separately from my web servers which can make a difference in licensing cost.
Justin > -----Original Message----- > From: Michael Ross [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, September 18, 2002 3:30 PM > To: CF-Talk > Subject: 3 Tier Security > > I am hoping someone can help me out with this. Maybe I just > can't see how it would work......but anyways we have apps > that are going to be accessible outside our firewall. We > currently have a set-up like this. > > Webserver is in dmz with the ports http/https accessible to > the outside world. CF code is kept on this server. Database > is completely inside the firewall. The firewall is > configured to only allow communitcation from the webserver IP > to the SQL IP over a sql port. There are voices around here > that want to see a 3rd layer or an app server inbetween. I > can't visualize how this would work? I think I may just need > someone to help me visualize it. Anyways taking into > consideration that the webserver software is all patched up > and tighened down, the code has been analized to ensure that > there are no holes will adding the extra layer really do any good? > > Thanks > > Mike > > ______________________________________________________________________ Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
