Re: reverse proxy best solution?

From: Richard Stagg <squid@dont-contact.us>
Date: Mon, 19 Jul 1999 10:45:08 +0100 (BST)

Nick,

My usual solution to this is indeed to use Squid on a DMZ as an
accelerator (reverse proxy) with the web server tucked safely inside the
firewall. You can put the server directly on the DMZ, but it depends on
how "sacrificial" you are prepared for this server to be :-)

HTTP-gw is okay too, but is just a reverse proxy and lacks the accelerator
functions of Squid.

Rgds
Richard Stagg

On Mon, 19 Jul 1999, Nick Urbanik wrote:

> Dear folks,
>
> We have a data server behind our Checkpoint 1 firewall, and a web server
> that runs many applications that access this data. The data is
> sensitive, and is encrypted.
>
> We want to publish this on the Internet. What is the best way to set
> things up? Should we use squid as a reverse proxy in the DMZ to access
> the web server on the inside network? Or should we use http-gw from TIS
> as a reverse proxy? Or should we run the web server in the DMZ? It
> seems this exposes our data server to some risks. I've grepped all
> Squid's documentation for "reverse" and came up with nothing helpful.
>
> Any pointers to any ideas would be most appreciated.
>
> --
> Nick Urbanik, Dept. of Electrical & Communications Engineering
> Hong Kong Institute of Vocational Education (Tsing Yi)
> email: nicku@vtc.edu.hk, nicku@iohk.com
> Tel: (852) 2436 8660, (825) 2436 8674 Fax: (852) 2436 8643
>
>
>

---------------------------------
Richard Stagg
Internet Architect
squid@bae.co.uk
Received on Mon Jul 19 1999 - 03:46:28 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:47:27 MST