General discussion

Locked

Secure corporate data with a reverse proxy

By debate ·
Does your organization run a reverse proxy? What type of proxy do you think is best? What problems did you experience with your reverse proxy deployment? Share your comments about securing corporate data with a reverse proxy, as discussed in the Oct. 1 Security Solutions newsletter.

If you haven't subscribed to our free Security Solutions newsletter, sign up today! Click this link to subscribe automatically:
http://nl.com.com/MiniFormHandler?brand=techrepublic&list_id=e036

This conversation is currently closed to new comments.

3 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Very weak understanding of reverse proxy

by deb Contributor In reply to Secure corporate data wit ...

What about the ISA Server 2004's reverse proxy? Its the highest performance, most flexible, most secure, and most cost effective one on the market today. And it doesn't even get a mention? I've got wonder about the commentator's knowledge of this subject.

Collapse -

Familiarity

by Mike Mullins In reply to Very weak understanding o ...

I'm very familiar with reverse proxy and aware of your intimate knowledge of ISA. I'm just not sold on microsoft products protecting other microsoft products. Check out one of my previous articles on Defense in Depth and using diversity to secure your network. Keep writing the books, I enjoy them!
Mike Mullins

Collapse -

Forgot one...

by Tony K In reply to Secure corporate data wit ...

Apache will also act as a reverse proxy. I don't know how it compares with the others mentioned, but you can also use it thusly:

1. You can reverse proxy more than one webserver from the same IP address and port. For example, I have three webservers behind the proxy: webserver1, webserver2, appserver1 using port 8000. I can make all three appear to be one webserver to the outside world. You can either have webserver1.yourhost.com, webserver2.yourhost.com, etc. Or, you can have www.yourhost.com/content1, www.yourhost.com/content2, etc.

2. You can use mod_security and mod_rewrite to add an extra layer of protection by using it to filter out standard web attacks from ever reaching your webservers.

3. If you use Apache-SSL, you can add SSL to webservers running behind the proxy that don't have SSL support (these are rare, but I needed it).

Back to Security Forum
3 total posts (Page 1 of 1)  

Related Discussions

Related Forums