Firewall Wizards mailing list archives

RE: HTTPS, proxies, and remote developers.

From: "Eugene Kuznetsov" <eugene () datapower com>
Date: Mon, 16 Jun 2003 13:44:33 -0400

me. The remote client does not like the idea.
What would be the easiest way to handle this situation? How would you
resolve a policy issue if one of your clients requires that you use
unencrypted traffic outbound from their network into yours.
(Their need to know for traffic on their network against your need for
security).


Why not an outbound SSL proxy, where the developers open up an SSL
session to the proxy, everything can be scanned in clear-text on the
proxy, and then the proxy re-initiates an SSL connection to the
mothership? This would also mean that only authorized staff on client
site would be able to see the traffic, not everyone. 

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

HTTPS, proxies, and remote developers. Devdas Bhagat (Jun 15)
- Re: HTTPS, proxies, and remote developers. Barney Wolff (Jun 15)
- Re: HTTPS, proxies, and remote developers. Paul Robertson (Jun 15)
- RE: HTTPS, proxies, and remote developers. Eugene Kuznetsov (Jun 16)
- <Possible follow-ups>
- Re: HTTPS, proxies, and remote developers. simonis (Jun 15)
- RE: HTTPS, proxies, and remote developers. Melson, Paul (Jun 16)
- RE: HTTPS, proxies, and remote developers. Hilal Hussein (Jun 22)