Le Wed, 31 Oct 2012 15:22:09 +0000 Benjamin Huntsman <[email protected]> a écrit:
>Why not implement a small, stand-alone communication server front-end, >based on a derivative of the OCS Communication Server, that can accept >the inventory from the agent, and write it directly into the GLPI >database? This way, you could have a host in the DMZ running the >Communication Server, and have firewall rules only allowing traffic to >port 443, and on the back-end, firewall rules only allowing MySQL DB >connections in to the GLPI DB server? > >The FusionInventory systems offers a lot of potential advantages, but >due to these security concerns, I'm leaning toward sticking with OCS >and a DMZ-based Communication Server. But for security like you said, you don't give GLPI or other product access in the DMZ >Thanks! >________________________________________ >From: >fusioninventory-user-bounces+bhuntsman=mail2.cu-portland....@lists.alioth.debian.org >[fusioninventory-user-bounces+bhuntsman=mail2.cu-portland....@lists.alioth.debian.org] >on behalf of Gonéri Le Bouder [[email protected]] Sent: Wednesday, >October 31, 2012 3:45 AM To: >[email protected] Subject: Re: >[Fusioninventory-user] DMZ deployment options > >On Wed, Oct 31, 2012 at 08:53:14AM +0100, Guillaume Rousse wrote: >> Le 30/10/2012 20:55, Benjamin Huntsman a écrit : >> > So, is anything like that available, possible, or in the works? >> DMZ doesn't have any formal definition. What's your exact >> constraints, in term of network connections ? >Hi Benjamin and all, > >I used a little script to collect inventory and store them in >a directory. After that, you can move these inventory files on another >machine outside of the DMZ and push them in the server with >fusioninventory-injectory. > >I'd just created a page on the documentation regarding that: > http://www.fusioninventory.org/documentation/fi4g/dmz/ > >I think I will import collect.php in the agent source tree. For example >in the tools directory. > >Best regards, >-- > Gonéri > >_______________________________________________ >Fusioninventory-user mailing list >[email protected] >http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/fusioninventory-user _______________________________________________ Fusioninventory-user mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/fusioninventory-user
