Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Terminal - Firewall

From: "dave" <dave () netmedic net>
Date: Tue, 27 May 2003 01:08:44 -0400
John,

Does the Terminal server need to be contacted from the outside?

Does it need to communicate with the "Institutional" servers? Are they
outside the Firewall? Your diagram does not show your firewall.

Where is your oracle server?  Is it the only server the Terminal server has
to communicate with?

Are you aware of the traffic load between the "Thin clients" and the
"Terminal server"?  Normally the traffic between the thin client and server
is minimal.  The traffic between the Terminal server and APP, File and other
servers is very heavy.


 
_____________________
Dave Kleiman
dave () netmedic net
www.netmedic.net

 


-----Original Message-----
From: John Jairo Florez Torres [mailto:jjflorez () uninorte edu co] 
Sent: Friday, May 23, 2003 15:49
To: security-basics () securityfocus com
Subject: Terminal - Firewall

Hi,
I work for a University. We are working in a terminal server proyect and we
are going to have for about 50 thin clients. The thin clients are going to
work with Microsoft Office, explorer and a client-server application
(Oracle).

The question I have is where do I have to put the server. Our Firewall have
four zones:
- Outside (Internet)
- DMZ
- Institutional servers
- PCs and departamentals servers. The thin cliesnts are going to be in this
zone

I think I would have to put the terminal server in the Institutional servers
zone. If so, the network traffic from server to the thin clients would be
passing throuhh the firewall. Could this traffic put a big work load in the
firewall?
Or Should I put the terminal server in the Pcs and departamentals servers
zone where I am going to have my thin clientes too so this traffic does not
pass through the firewall. The problem here is that the terminal server will
not be protected by the Firewall from an attack originated in this zone.

What schema do you recommend?
In other words , is it a good a idea that the traffic between a terminal
server and its thin clints pass through a firewall? any performance issues?

Thanks for your help

John Florez


---------------------------------------------------------------------------
Thinking About Security Training? You Can't Afford Not To!

Vigilar's industry leading curriculum includes:  Security +, Check Point, 
Hacking & Assessment, Cisco Security, Wireless Security & more! Register
Now!
--UP TO 30% off classes in select cities-- 
http://www.securityfocus.com/Vigilar-security-basics
----------------------------------------------------------------------------





---------------------------------------------------------------------------
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: