?
Solved

Checkpoint NG reverse proxy

Posted on 2006-06-12
4
Medium Priority
?
2,463 Views
Last Modified: 2013-11-16
Hi All,

Im currently looking at our design and implementation out in our DMZ.

I have read a fair bit of material that outlines the benefits of running a reverse proxy through to certain services that need a little bit more protection from the outside world.

Has anyone had any luck implementing reverse proxy to a DMZ environment on checkpoint NG.? Any white papers or doco would be fantastic too.

I realise implementing this on ISA 2004 is a doddle and am not interested in ISA comments, ISA is not an option, so checkpoint answers only please.

Thanks

S
0
Comment
Question by:nexissteve
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 12

Accepted Solution

by:
srikrishnak earned 1500 total points
ID: 16892130
0
 
LVL 5

Expert Comment

by:dbardbar
ID: 16895401
What extra security do you EXACTLY need?
How would you like (generly speaking) for the user experience to be when accessing the DMZ servers?
Is this HTTP only? Other protocols?
Do you today have a CP FW-1 connecting the DMZ to the outside world?
0
 
LVL 6

Author Comment

by:nexissteve
ID: 16897126

What extra security do you EXACTLY need?

Full auditing and minimising the attack vector on a member server that is running a web site.

How would you like (generly speaking) for the user experience to be when accessing the DMZ servers?

Transparent

Is this HTTP only? Other protocols?

HTTPS or HTTP

Do you today have a CP FW-1 connecting the DMZ to the outside world?

To multiple DMZ's

0
 
LVL 6

Author Comment

by:nexissteve
ID: 16958269
Checkpoint cannot do true reverse proxy.

The answer lies in srikrishnak's comment in that you have to use user auth.

Not quite the answer I was looking for. But thanks all the same.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
Suggested Courses

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question