I'm curious: Is the firewall between the servers and the outside world, or is it between segments of the internal network? The former would imply that there's
JDBC traffic coming in over the Internet - I'd be interested to hear what lead to that architectural choice. If the latter, where does the need for a firewall between internal systems come from?