Since I do this type of thing for a living, I can tell
you the best answer is Option B. If your company is that
security paranoid, a DMZ is always a better idea than
poking holes in end-to-end connections in the firewall.
On 12-Sep-2000 Coleman, Bryan wrote:
> I almost have my company convinced that Zope is the technology to use for
> our Intranet/Extranet. However they are very concerned with security. I
> proposed two security schemes that I would like zope community feed back
> for potential holes.
> Option A: Poke a hole through our firewall on the primary http port or on
> port 8080 to allow Zope pages through and then require authentication on
> first page.
> Option B: Set up a DMZ off the firewall to allow the same as the above.
> Any feed back would be welcome.
M. Adam Kendall | Got Linux?
Internetworking & | We do.
Security Architect |
[EMAIL PROTECTED] | http://www.devis.com
Zope maillist - [EMAIL PROTECTED]
** No cross posts or HTML encoding! **
(Related lists -