n_athen
asked on
Is this secure? A Networking Challenge
PLEASE help, I am going to ameeting with this proposal and I know some security people will tear me apart. So any tips much appreciated.
Check out the diagram http://www.geocities.com/chris11.rm/network.jpg
Server A uploads to Server B updated images over a VPN IPSEC DSL connection; I have no question regarding this security.
Specifications:
Server A – Primary Location - Win 2000 server with 2 nics, one connecting to local LAN 10.232.1.9, the other connecting to a DSL router,
Server B – Remote location - Win 2000 server with one nic connected to the DSL router.
The current setup allows for viewing of images from server B only, there is no access to the remote location’s LAN.
Objective: Allow for secure viewing of images from computers on the LAN side of server B, while not allowing for traffic to traverse to Server A LAN side or Server A for that matter. Also the reverse, no access from the LAN side of Server A to the LAN side of server B.
Propose: What I proposed was to add a second nic to the server b side, is this the best approach?
Thanks for any challenges.
Check out the diagram http://www.geocities.com/chris11.rm/network.jpg
Server A uploads to Server B updated images over a VPN IPSEC DSL connection; I have no question regarding this security.
Specifications:
Server A – Primary Location - Win 2000 server with 2 nics, one connecting to local LAN 10.232.1.9, the other connecting to a DSL router,
Server B – Remote location - Win 2000 server with one nic connected to the DSL router.
The current setup allows for viewing of images from server B only, there is no access to the remote location’s LAN.
Objective: Allow for secure viewing of images from computers on the LAN side of server B, while not allowing for traffic to traverse to Server A LAN side or Server A for that matter. Also the reverse, no access from the LAN side of Server A to the LAN side of server B.
Propose: What I proposed was to add a second nic to the server b side, is this the best approach?
Thanks for any challenges.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Some clarification:
The communication from Server A to Server B is secure and does not need any more improvement.
The problem is that the LAN side of Server B needs to access Server B as if it was an internal web site.
The company on server B side needs confirmation that there is no way anybody from Sever A can jump across to the LAN side of Server B.
I hope this is clearer...
The communication from Server A to Server B is secure and does not need any more improvement.
The problem is that the LAN side of Server B needs to access Server B as if it was an internal web site.
The company on server B side needs confirmation that there is no way anybody from Sever A can jump across to the LAN side of Server B.
I hope this is clearer...
For added security, you can also install a personal firewall such as zone alarm pro or black ice defender.