Avoid to put in the same area entities which have very different security requirements
Using proxies (I) Proxies can be used to « hide » the real servers/the real networkExterior => Interior traffic- Gives the external user the illusion that she/he accesses to the interior server
- But intercepts the traffic to the server, analyzes the packets (checks the compliance with the protocol, searches for keywords, etc.), logs the requests
Interior => Exterior traffic- Give the internal user the illusion that she/he accesses to the exterior server
- But intercepts the traffic to the server, analyzes the packets (checks the compliance with the protocol, searches for keywords, etc.), logs the requests
Using proxies (II) Advantage- knowledge of the service/protocol => efficiency and « intelligent » filtering
- Ex : session tracking, stateful connection
Dostları ilə paylaş:
|
