We've done some work in this area. Basically, you implement a
"front-side" Service Bus (ESB in SOA parlance) in your DMZ that exposes
(read "hosts") "Enterprise Services" to your public consumers. These
"Enterprise Services" in turn consume, aggregate, mitigate, bingo! and
return the interesting protected business services in your environment
that provide the data your public customers are looking for. Essentially
it's another abstraction layer.
Regards..
-karl
Ginski, Richard J wrote:
>
> Hi All,
>
> There’s talk in our org to directly interface one of our back-end
> servers to provide web services for external entities via the
> Internet. On the surface, this is a risky option for me. Although
> firewall “protected”, I don’t want a “protected device” directly
> interacting with web service “consumers” from the Internet. It sounds
> like a bad idea to me.
>
> I have been searching around looking for sample diagrams (etc) on
> environments that support Web Services. I am trying to determine where
> stuff goes in this environment and how a firewall/DMZ fit into the
> picture. Can anyone point me to where info would be available for
> this? I’ve checked the archives for the past year and checked at
> OASIS, W3C, OWASP, and XML.com, with no luck. The “web services sites”
> focus on coding practices, coding architecture, and coding frameworks.
> Although very important, it’s not the info I am looking for. We are
> trying to determine how web services fit in our environment using best
> practices in network design and network security to support web services.
>
> Any help would be greatly appreciated. TIA!
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards_at_listserv.icsalabs.com
> https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
>
Received on Mar 24 2008