|
Problem
The client had an application that has both
Internal (LAN) and External (Internet) connection requirements.
Internally the application is accessed via custom software and
externally via a web browser. Because of the program design, both
of these interfaces must be located on the same machine (Server)
which presented a security risk to the clients Internal (LAN)
network.
Analysis
The software requirements dictated that while
both parts of the application were required to be on the same
machine (Server), both parts did not necessarily have to reside on
the same physical network.
Solution
A new firewall was installed at the clients
site breaking their network into multiple networks each with it’s
own security system. The application’s dedicated server has
multiple network interfaces to allow it to talk on the different
networks. Through the firewall we can prevent access on the public
side (Internet) of the server to all but the required services thus
protecting the rest of the internal network (LAN) while still
allowing those users on the internal network full access to the
application server and access to the rest of the Internet.
|
