I have a web server with a library application that remote users can use to browse the library catalogue and reserve books. The book titles and availability are kept in a backend database. The problem with the application is that the web server needs to query the database and this will be done in a pull fashion as opposed to a push. I'd prefer not to have dmz initiated traffic coming into my internal network however I am stuck with this application and it's limitations. The firewall is checkpoint firewall-1. The web server will be placed in a screened subnet and the database in the internal network.
 
Does anyone have any best practices ideas on how the risk can be limited? The library database also needs to be accessable and modifiable by internal DBA and library staff so they want it tied to the production network.
 
Thanks for any info, pointers, ideas,
Ron

Reply via email to