Solved

Web Server Gateway

Posted on 2014-03-08
5
238 Views
Last Modified: 2014-04-22
Hi All,

Is there an open source version of Microsoft Forefront / ISA Server to secure server web applications access from clients from outside the network to have to go through the software firewall before hitting the web application?  This would be for an IIS website.
0
Comment
Question by:Jack_son_
5 Comments
 
LVL 35

Assisted Solution

by:Kimputer
Kimputer earned 125 total points
ID: 39915222
Build another server (2 nics), with a version of linux on it. There are many choices in flavors and packages to choose from (seperately install a linux flavor, then seperately install the firewall package of your choice), or go for an all-in-one solution like ClearOS (which includes web based administration).
0
 
LVL 7

Assisted Solution

by:Sivaraj E
Sivaraj E earned 125 total points
ID: 39915303
Get the untangle (free / paid available) / endian (paid) installed, may be you can give try on it, its a software based firewalls

http://www.untangle.com/store/get-untangle/

http://www.endian.com/en/products/security-gateways-utm/software-appliances/#.Uxu6zImSxd0

Regards, Shiva
0
 
LVL 26

Assisted Solution

by:skullnobrains
skullnobrains earned 250 total points
ID: 39931383
use a reverse proxy such as squid or possibly a tool that does some deep inspection such as haproxy (which is actually a load-balancer) if you need negectible performance drawback and a less security than a proxy

run them on whatever free opensource unix-like os you want : gnu/linux, xBSD, illumos (opensolaris) ...

you can easily find linux distributions targetted for such a use such as vulture
http://www.vultureproject.org/
see a guide with screenshots there
http://arnaud.desmons.free.fr/wordpress/?page_id=36
0
 

Author Comment

by:Jack_son_
ID: 39937722
Okay thanks, so would these work as like forefront, they would sit in front of the web server, so the external client would hit that first and it would send their request to the web server?
0
 
LVL 26

Accepted Solution

by:
skullnobrains earned 250 total points
ID: 39938063
i don't know forefront products very well and not really which one of them you are referring to, so it will be difficult for me to compare features in detail.

they are targetted to work as reverse-proxies.
they receive HTTP queries, and emit fully separate queries to the webserver which actually receives no connection from the WAN. they feature tons of additional options to detect malevolent attempts but the basics are receiving queries and reemitting the same ones if they were deemed sane.

the one i mentioned is not targeted to work as a firewall. you'd need a separate firewall if you expect such functionality. solaris and bsds provide pf, and ipf which are great software firewalls. if you expect a web interface, you can try pfsense for example, which also features a builtin reverse-proxy. if you already have a firewall (which was my possibly wrong assumption), forget about this
0

Featured Post

Scale it in WD Gold

With up to ten times the workload capacity of desktop drives, WD Gold hard drives employ advanced technology to deliver among the best in reliability, capacity, power efficiency and performance.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Big data transfers via information superhighways require special attention and protection. Learn more about the IT-regulations of the country where your server is located. Analyze cloud providers and their encryption systems for safe data transit. S…
These days, all we hear about hacktivists took down so and so websites and retrieved thousands of user’s data. One of the techniques to get unauthorized access to database is by performing SQL injection. This article is quite lengthy which gives bas…
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now