Relay WCF service
This is more of an architectural and security issue than anything else. I am trying to determine if the proposed architecture is needed. Let me explain my configuration.
We have a standard DMZ that has two firewalls. One outside and the other that connects to the internal LAN. The following describes where each application tier is currently running.
Beyond the Firewall:
Silverlight Application
In the DMZ:
WCF Service (Business Logic and Data Access Layer)
Inside the local network:
Database
I am getting information that the architecture is wrong. In particular, it has been suggested that since "the web server is easily compromised", we should place a relay server inside the DMZ that communicates with another WCF service inside the local network, which will then communicate with the database. Currently, the external firewall is configured to only allow port 443 (https) for the WCF service. The internal firewall is configured to allow SQL connections from the WCF service to the DMZ.
Ignoring the obvious performance implications, I don't see any security benefit either. I'm going to reserve my decision on this proposal so as not to pollute the answers with my biased attitude. Any input is appreciated.
Thanks,
Matt
a source to share
I do think the comments made are correct, in which case I will probably also try to use as many layers of "defense in depth" as possible that I can think of.
Plus, the amount of work to achieve this may be less than you're afraid - if you're on .NET 4 (or can move to).
You can use the new .NET 4 / WCF 4 Routing Service to do this quite easily. As an added benefit, you can expose the HTTPS endpoint to the outside world, but internally, you can use netTcpBinding (which is much faster) to handle internal messages.
Learn how to easily configure the .NET 4 Routing Service:
a source to share