[EMAIL PROTECTED] wrote:
>
> But surely, putting company data onto the DMZ goes against the rules of DMZ
> design? The servers in the DMZ cannot be trusted so data should not reside
> there true?
>
The DMZ is there to make sure crackers don't get into your network...
doesn't really
keep you data secure... Remember, you can have more than one DMZ.
To get by these issues, it takes alot of planning and risk management.
What is the
value of your database? What is the risk (someone stealing data, or
changing data?)?
What business value are you adding by making this db available to the
public Internet?
Since the database is connected to the Internet, it can be compromised,
we'll assume that
this risk makes business sense, since it's been done. Would you rather
it be compromised
inside the DMZ, or inside your corporate network?
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
