I will be going live with an online SQL DB very soon and wondered if you could offer me some advice on security issues. The server is a Dell PE 2650 and runs on 2K Server with IIS & SQL installed. Firstly, can I force the remote users (56K, ISDN, ADSL etc.) to use secure communications like SSL when submitting data etc.? I believe on 2K you can create your own CA to submit to Verisign, but I cannot understand how the clients obtain the CA to encrypt.
Secondly, can someone briefly explain the setup involved in firewalls/routers etc.? I appreciate it's a big subject but I just need some clarification. We have a 2MB leased line directly from our LAN to the Dell Server. Presumably on both ends of the pipe there would be a Router with a public IP address and behind that the Firewalls with private IP addresses. Then behind that the Servers sit. Is that correct?
Quick example maybe:
LANServer-FW-Router–2MB–Router-FW-Webserver/SQL
Thanks for your assistance in advance.
gary