Hello,
I'm building a firewall with :
- An exterior router which connects Internet to DMZ.
- A bastion and an HTTP server on the DMZ.
- An interior router which connects DMZ to internal network.
The bastion host runs an HTTP proxy.
It's obvious that all outgoing traffic must pass through the proxy, but for
incoming paquets, should I route them to the proxy ? Or is it correct to
send them directly to the HTTP server ?
>From a security point of view, I think it's not dangerous to send incoming
requests directly to the HTTP server, but I would like to have your
opinions.
What are the drawbacks and the advantages of my solution ?
Thanks.
Best regards.
-----------------------------------------------------
Tarkan HOCAOGLU
[EMAIL PROTECTED]
-----------------------------------------------------
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
