It is a very fine job to allow Web users to access the database. It is a big concern and requires careful consideration.
TechRepublic member E Spigle recently raised the following question on Q & A forum of TechRepublic Technical:
We are working on a job to convert a very old FoxPro System into a ms SQL/VB system in my company. SQL databases are widely used internally. It is currently located behind the firewall of our LAN and can only be used internally. However, some of our conversion programs bring some online Web applications. Now we are faced with a dilemma. We must find a good solution to allow Web users and LAN users to access the same database at the same time. Currently, our IIS 6.0 Web server is in DMZ. How can a web server provide database access for network applications?
Problem Analysis
This is a very interesting question. It seems very simple at first glance, but when you think about it further, you will find its complexity. At any time, when you want to make your database accessible over the Internet, you have to consider many issues. The first question I will consider is, "What type of data are we processing ?" And "How sensitive is the information ?"
The reason I will consider these two issues is that I need to determine how much risk these data can bear. If I cannot take any risk, I may invest a lot of resources and energy to ensure that my data is as harmless as possible. However, if you can take on certain risks, I will exercise caution, but will not adopt extreme means. For example, if the data is a patient's medical history information, I will spare no effort to protect data security, which means that the SQL Server is not connected through IIS.
Before I describe in detail, I want to declare that I am not biased towards Microsoft. I just want to avoid risks. Microsoft products can be well protected and work well in the above circumstances. However, due to its popularity, Microsoft products are more likely to become targets of viruses, worms, hackers and such attacks. Avoid using Microsoft products in environments with low risk tolerance, which can reduce my troubles.
In addition, based on the degree of risk that data can bear, I will decide whether to encrypt data between the web server and the database, and whether the data needs to be encrypted in the database. If we want to achieve the highest security, I will choose to use built-in or third-party encryption software. If the data security requirements are not that high, I will choose not to encrypt at all, or select a lower-level encryption method.
Finally, I need to decide what kind of connection to access the database. If encryption is required, or/and access is performed through the client server software (as described in the problem), I need to use a VPN and an application layer proxy. In addition, I may consider setting up an application server between my Web server and database.
The answers to these questions help me design the database access environment.
Build a system
I assume that the data described in E Spigle is not highly sensitive, so IIS and SQL Server are acceptable. A:
Figure A: Network Planning
In network communication as shown in A, HTTP or 1443 of port 80 is only allowed to reach the Web server. The Web server then communicates with the SQL server through port 1433 and the TCP protocol. Another method is to use Microsoft's ISA Server as the conversion proxy and allow it to control communication with the SQL server.
No matter which one you choose, there are a series of issues that need to be considered to ensure the security of your SQL Server database. These problems can be found online. They include protecting your Windows Server, protecting IIS, protecting SQL server, and handling communication problems between Web servers and SQL Server, this includes issues such as authentication and protocols. Fortunately, Microsoft has provided some help in MBSA (Microsoft Baseline Security Analyzer.
Finally, your developers and database administrators need to integrate a series of standards and programs into the application code and database to minimize security risks.
Best practices and acceptable risks
This article describes some of the complexities behind a seemingly simple question: "How can we make it best for network applications to access databases through web servers ?" There may be capital pressure, but in the end it will come down to the balance between the tolerable risk level and the input. This is something everyone needs to consider.