That was my thought, if they get in an extra layer will only delay them not stop them.
The thing is this is extremely private data that if it were to get out would cause
the hospital a great deal of problems it you get my drift!. Right now the 1st project
is still in test and using Win/IIS
Our web server is in the DMZ with the Coldfusion app server (cluster) sits
in the MZ. (CF in distributed mode -
http://www.macromedia.com/support/coldfusion/administration/cfmx_in_distribu
ted_mode/ ). The database is contained within it's own MZ as well on another
network segment. Some may argue
]
To: CF-Talk [EMAIL PROTECTED]
Sent: Thursday, September 19, 2002 8:55 AM
Subject: RE: 3 Tier Security
That was my thought, if they get in an extra layer will only delay them
not stop them. The thing is this is extremely private data that if it were
to get out would cause the hospital a great deal
Thanks for that!
[EMAIL PROTECTED] 09/19/02 09:10AM
Our web server is in the DMZ with the Coldfusion app server (cluster) sits
in the MZ. (CF in distributed mode -
http://www.macromedia.com/support/coldfusion/administration/cfmx_in_distribu
ted_mode/ ). The database is contained within it's
they cannot setup a VPN like customer sites or Internet Cafes'.
- Original Message -
From: Michael Ross [EMAIL PROTECTED]
To: CF-Talk [EMAIL PROTECTED]
Sent: Thursday, September 19, 2002 8:55 AM
Subject: RE: 3 Tier Security
That was my thought, if they get in an extra layer will only delay them
I am doing exactly that, seems like a good way of going about it.
-Original Message-
From: Mark W. Breneman [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 18, 2002 4:22 PM
To: CF-Talk
Subject: RE: 3 Tier Security
Yes, this is much more secure than most people.
I would start
Just off the top of my head, some kind of database abstraction level
might be what they are thinking. Currently you send SQL straight to
the webserver, which if the web server is compromised would let a
hacker send arbitrary sql statements to the sql server. With an API in
the middle using COM, a
How about a Class 2 force field around the servers
heh...
The way u have it set up now is wy more secure than most people have it.
-Original Message-
From: Michael Ross [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 18, 2002 2:30 PM
To: CF-Talk
Subject: 3 Tier Security
Developer
-Network / Web Server Administrator
Vivid Media
[EMAIL PROTECTED]
www.vividmedia.com
608.270.9770
-Original Message-
From: Phoeun Pha [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 18, 2002 3:18 PM
To: CF-Talk
Subject: RE: 3 Tier Security
How about a Class 2 force field
W. Breneman [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 18, 2002 4:22 PM
To: CF-Talk
Subject: RE: 3 Tier Security
Yes, this is much more secure than most people.
I would start with securing the cf/webserver. A correctly secured
webserver
is very hard to hack into.
Here is an idea
I think that the 3 Tier issue is really one of performance, not security.,
If you can compromise the 1st tier, you can compromise the second, and then
the third. Anywhere there is a hole in the firewall there is an opportunity
to break in. Tiers just add layers and make it more complicated.
11 matches
Mail list logo