Q

Best firewall to protect application and database

I have to build a Web site that has a database SQL Server and an application that runs over the Internet. Could

you give me an idea of which kind of firewall I should install to protect my application and my database?

Is this a dedicated database server? Is it a Web server with a back-end database? What kind of data are you processing? There are many more questions that need to be answered before giving a specific recommendation.

Whatever firewall you choose, you should allow only those ports to be open that need to be open. If the public is using just a Web interface, you should only need ports 80 and 443. If you are combining with e-mail, allowing ftp or telnet, or other things, you'll need more things open.

I'd suggest that your database be a separate backend machine with a Web front end. The Web application should proxy all queries, and the DB should make sure any query comes only from the Web application. There are lots of other things you should look into too, so you really should consult with a security professional to discuss your unique situation.


For more information on this topic, visit these other SearchSecurity.com resources:
  • David Strom's Security Tool Shed: Quickbase database server allows secure Web-based sharing
  • Tech Tip: Implementing database security and integrity
  • Infosec Know IT All Trivia: Database security


  • This was first published in April 2003

    Dig deeper on Application Firewall Security

    Pro+

    Features

    Enjoy the benefits of Pro+ membership, learn more and join.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    SearchCloudSecurity

    SearchNetworking

    SearchCIO

    SearchConsumerization

    SearchEnterpriseDesktop

    SearchCloudComputing

    ComputerWeekly

    Close