On Wed, Dec 16, 2009 at 7:48 PM, Sai Pullabhotla <[email protected]> wrote:
> Dear Fellow Developers,
>
> I thought this developers group can provide me with some ideas on
> building a DMZ Gateway. Basically, our company has developed a MFT
> (Managed File Transfer) product, which has an FTP/S, SFTP and HTTPS
> services for letting trading partners get/put files. Lately we have
> been getting requests from our customers and prospects that they do
> not want to store any data or credentials in the DMZ. In other words,
> they want all these services running in the internal network. However,
> when a trading partner wants to exchange file(s), they will be given
> an external address which will be routed to a system in the DMZ. The
> system in the DMZ need not know how to validate the credentials or
> need to store any data (files). No connections should be made from the
> system in DMZ to the system(s) in the internal network. However,

If this can't happen, how would you handle the request coming from
external network? or it would always be initiated from internal network?

> systems in the internal network can initiate a connection to a system
> in the DMZ. The system in the DMZ should basically act as a Proxy for
> various protocols where as the systems in the internal network do the
> actual work. At this point I'm looking for various techniques to
> implement this kind of a system. I appreciate any help you guys could
> offer.

Won't our proxy example be a good place to start?

> Regards,
> Sai Pullabhotla
>

--
thanks
ashish

Blog: http://www.ashishpaliwal.com/blog
My Photo Galleries: http://www.pbase.com/ashishpaliwal
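
The arrangement asked about above (the DMZ host only accepts connections, the internal host dials out and does the work) can be sketched as a rendezvous relay. This is an added example, not code from the thread or from the proxy example it mentions; it is in Python rather than the product's own language, and every name, the one-line "user:password" login and the sample credential are assumptions made for illustration.

```python
import asyncio, hmac

async def pipe(reader, writer):  # copy bytes one way until EOF
    try:
        while data := await reader.read(4096):
            writer.write(data)
            await writer.drain()
    except ConnectionError:
        pass
    finally:
        writer.close()

class DmzGateway:
    """DMZ side: only accepts connections; holds no credentials or files."""
    def __init__(self):
        self.idle = asyncio.Queue()  # links dialed in by the internal agent
    async def on_internal(self, reader, writer):
        await self.idle.put((reader, writer))  # park until a partner arrives
    async def on_external(self, reader, writer):
        in_reader, in_writer = await self.idle.get()  # never dials inward
        await asyncio.gather(pipe(reader, in_writer), pipe(in_reader, writer))

async def internal_agent(dmz_port, credentials):
    """Internal side: dials OUT to the DMZ and does the real authentication."""
    reader, writer = await asyncio.open_connection("127.0.0.1", dmz_port)
    user, _, password = (await reader.readline()).decode().strip().partition(":")
    ok = user in credentials and hmac.compare_digest(
        credentials[user].encode(), password.encode())
    writer.write(b"OK\n" if ok else b"DENIED\n")
    await writer.drain()
    writer.close()

async def demo(login):
    gw = DmzGateway()
    inner = await asyncio.start_server(gw.on_internal, "127.0.0.1", 0)
    outer = await asyncio.start_server(gw.on_external, "127.0.0.1", 0)
    port = lambda srv: srv.sockets[0].getsockname()[1]
    creds = {"partner1": "s3cret"}  # constructed sample; lives only inside
    agent = asyncio.create_task(internal_agent(port(inner), creds))
    reader, writer = await asyncio.open_connection("127.0.0.1", port(outer))
    writer.write(login.encode() + b"\n")  # trading partner's login line
    reply = (await reader.readline()).decode().strip()
    writer.close()
    await agent
    inner.close(); outer.close()
    return reply

def run_demo(login):
    return asyncio.run(asyncio.wait_for(demo(login), 5))
```

In a deployment the firewall would permit only internal-to-DMZ traffic on the port served by `on_internal`, and the agent would keep several idle links parked so partners do not wait for one.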
