I need some advise on setting up a DMZ on the ASA5510. We have an IIS server that communicates with an SQL database.
I have been told that the IIS server should be placed in the DMZ and that I can establish communication back to the SQL server on the internal network.
I have also heard that I can leave the IIS server on the internal network and simply publish it with an ISA server sitting on the DMZ. This way the ISA server can communicate with the IIS server (which is a member of the domain), and not worry about having to expose active directory.
Any thoughts on this? I want to set this up right the first time, and I am not really sure what is the best way to do this.