Ask the Expert

Best firewall to protect application and database

I have to build a Web site that has a SQL Server database and an application that runs over the Internet. Could you give me an idea of which kind of firewall I should install to protect my application and my database?


Is this a dedicated database server? Is it a Web server with a back-end database? What kind of data are you processing? There are many more questions that need to be answered before giving a specific recommendation.

Whatever firewall you choose, open only the ports that need to be open. If the public is using just a Web interface, you should only need ports 80 and 443. If you are combining the site with e-mail, FTP, Telnet or other services, you'll need more ports open.

I'd suggest that your database be a separate back-end machine with a Web front end. The Web application should proxy all queries, and the database should accept queries only from the Web application. There are lots of other things you should look into too, so you really should consult with a security professional to discuss your unique situation.
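
The layout described above can be checked mechanically. The following is an added example, not part of the original answer: it audits a list of firewall allow rules against that design. The addresses, rule names and rule format are constructed for illustration, the firewall is assumed to deny anything not listed, and 1433 is assumed as the SQL Server port (its default).

```python
import ipaddress

# Constructed topology (assumptions, not from the article).
WEB_HOST = ipaddress.ip_network("203.0.113.10/32")  # Web front end
DB_HOST = ipaddress.ip_network("10.0.0.20/32")      # back-end SQL Server
PUBLIC_WEB_PORTS = {80, 443}  # ports the answer names for a Web-only site
DB_PORT = 1433                # SQL Server default TCP port

# Constructed allow rules: (name, source CIDR, destination CIDR, TCP port).
SAMPLE_RULES = [
    ("web-http", "0.0.0.0/0", "203.0.113.10/32", 80),
    ("web-https", "0.0.0.0/0", "203.0.113.10/32", 443),
    ("web-to-db", "203.0.113.10/32", "10.0.0.20/32", 1433),
    ("legacy-telnet", "0.0.0.0/0", "203.0.113.10/32", 23),
    ("dba-anywhere", "0.0.0.0/0", "10.0.0.20/32", 1433),
]


def audit(rules):
    """Return (rule name, reason) for every rule that breaks the two-tier design."""
    findings = []
    for name, src, dst, port in rules:
        src_net = ipaddress.ip_network(src)
        dst_net = ipaddress.ip_network(dst)
        reaches_db = dst_net.overlaps(DB_HOST)
        reaches_web = dst_net.overlaps(WEB_HOST)
        from_web_only = src_net.subnet_of(WEB_HOST)
        # The database may be reached only by the Web host, only on the DB port.
        if reaches_db and not (from_web_only and port == DB_PORT):
            findings.append((name, "database reachable from outside the web tier"))
        # Other sources may reach the Web server only on the public Web ports.
        elif reaches_web and not from_web_only and port not in PUBLIC_WEB_PORTS:
            findings.append((name, f"port {port} open on the web server"))
    return findings


if __name__ == "__main__":
    for rule_name, reason in audit(SAMPLE_RULES):
        print(f"{rule_name}: {reason}")
```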


    This was first published in April 2003
