Security Basics mailing list archives
Re: Reverse Proxy
From: "Saqib Ali" <docbook.xml () gmail com>
Date: Sat, 25 Nov 2006 10:23:10 -0500
1) how good is the idea to use of reverse proxy as a layer of defense while accessing a web portal .
It is a good only if you implement it properly. It certainly plays a major role in the layered-defense of the web portals.
5) What are some best known and used Revrse Proxy products apart from the well known open source one .
This mainly depends on your user base. Is this a webportal that will be accessible by anyone in the world or is limited to an enterprise. For limited single enterprise use: Take a look at Citrix solutions (URLs below). They have the Netscaler product which might fit you needs. It is a essentially a SSL VPN solution. Another possible solution is to use graphical firewall. This is useful if you really want to secure the your Datastore. In a graphical firewall the content never gets transmitted to the client, instead just the pixel that represent the content get transferred. Citrix can provide this graphical firewall. The Citrix Presentation server + HTTP server (WebPortal) + DataStore will be inside the firewall. You open only one port (ICA protocol) on the firewall that connects to the Citrix server. Publish Firefox on the Citrix server such that it can only access the web application and nothing else. Then the user outside the firewall will use the web based / java based / active X based ICA client to access the published the firefox with your web application. One key thing to note is that the user is only seeing the graphical output of the web app, so it is a lot more secure then pushing actual content out to the user's browser. saqib http://www.full-disk-encryption.net
Current thread:
- Reverse Proxy zack_taple (Nov 24)
- Re: Reverse Proxy Saqib Ali (Nov 27)
- <Possible follow-ups>
- Re: Reverse Proxy warl0ck (Nov 27)
- Re: Reverse Proxy wdgreen340 (Nov 27)