cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
554
Views
0
Helpful
7
Replies

Simple Firewall Question

smartin0611
Level 1
Level 1

Have routing or other Cisco types of devices gotten to the state where they can actually provide a DMZ with http/s services without physical servers in the DMZ?

7 Replies 7

Collin Clark
VIP Alumni
VIP Alumni

Do you mean can they translate to an inside address? They have for years.

Bear with me regarding my naivete. I need to provide secure access from the Internet where HTTP services in the DMZ would trigger other types of processing in the secure network area. Previously, I've seen an HTTP server placed in the DMZ that would trigger the processing on an application server inside the intranet. Does the need for the HTTP server in the DMZ still exist? Thanks.

I'm confused now! Can you give me a more specific example? I'm not sure what you mean by "triggering other types of processing".

For Oracle E-Business Suite, initial connectivity is performed as an HTTP connection. After initial authentication, other types of services (Forms/J2EE/IIOP activity) are started that actually provide a "richer than HTML" user interface experience.

OK, so you want to kow if you can have the web server on the inside along with Oracle and other apps and have them all communicate w/o a DMZ? Is that correct?

Exactly. Since some of the software licenses are by CPU, not requiring an additional server in the DMZ lessens our expeneses.

Cisco certianly supports it. It was never a feature limitation (that I know of) but more of a security feature/vulnerability.

Review Cisco Networking for a $25 gift card