Solved

Checkpoint NG reverse proxy

Posted on 2006-06-12
4
2,416 Views
Last Modified: 2013-11-16
Hi All,

Im currently looking at our design and implementation out in our DMZ.

I have read a fair bit of material that outlines the benefits of running a reverse proxy through to certain services that need a little bit more protection from the outside world.

Has anyone had any luck implementing reverse proxy to a DMZ environment on checkpoint NG.? Any white papers or doco would be fantastic too.

I realise implementing this on ISA 2004 is a doddle and am not interested in ISA comments, ISA is not an option, so checkpoint answers only please.

Thanks

S
0
Comment
Question by:nexissteve
  • 2
4 Comments
 
LVL 12

Accepted Solution

by:
srikrishnak earned 500 total points
ID: 16892130
0
 
LVL 5

Expert Comment

by:dbardbar
ID: 16895401
What extra security do you EXACTLY need?
How would you like (generly speaking) for the user experience to be when accessing the DMZ servers?
Is this HTTP only? Other protocols?
Do you today have a CP FW-1 connecting the DMZ to the outside world?
0
 
LVL 6

Author Comment

by:nexissteve
ID: 16897126

What extra security do you EXACTLY need?

Full auditing and minimising the attack vector on a member server that is running a web site.

How would you like (generly speaking) for the user experience to be when accessing the DMZ servers?

Transparent

Is this HTTP only? Other protocols?

HTTPS or HTTP

Do you today have a CP FW-1 connecting the DMZ to the outside world?

To multiple DMZ's

0
 
LVL 6

Author Comment

by:nexissteve
ID: 16958269
Checkpoint cannot do true reverse proxy.

The answer lies in srikrishnak's comment in that you have to use user auth.

Not quite the answer I was looking for. But thanks all the same.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.

806 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question