Designing SRA Deployment Scenarios
116
Portal Server 6 2005Q1 • Deployment Planning Guide
The disadvantage to this configuration is that multiple ports need to be opened in
the second firewall for each connection request. This could cause potential security
problems.
Netlet and Rewriter Proxies
Figure 5-14
shows a configuration with a Netlet Proxy and a Rewriter Proxy on the
intranet. With these proxies, only two open ports are necessary in the second
firewall.
The Gateway need not contact the application hosts directly now, but will forward
all Netlet traffic to the Netlet proxy and Rewriter traffic to the Rewriter Proxy.
Since the Netlet Proxy is within the intranet, it can directly contact all the required
application hosts without opening multiple ports in the second firewall.
The traffic between the Gateway in the DMZ and the Netlet Proxy is encrypted,
and gets decrypted only at the Netlet Proxy, thereby enhancing security.
If the Rewriter Proxy is enabled, all traffic is directed through the Rewriter Proxy,
irrespective of whether the request is for the Portal Server node or not. This ensures
that the traffic from the Gateway in the DMZ to the intranet is always encrypted.
Because the Netlet Proxy, Rewriter Proxy, and Portal Server are all running on the
same node, there might be performance issues in such a deployment scenario. This
problem is overcome when proxies are installed on a separate nodes to reduce the
load on the Portal Server node.
Содержание Portal Server 6 2005Q1
Страница 8: ...8 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 10: ...10 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 12: ...12 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 20: ...Sun Welcomes Your Comments 20 Portal Server Secure Remote Access 6 2005Q1 Administration Guide...
Страница 36: ...A Typical Portal Server Installation 36 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 50: ...Proxylet 50 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 78: ...SRA Sizing 78 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 132: ...Identity and Directory Structure Design 132 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 142: ...Configuration Files 142 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 152: ...Tuning Parameters for etc system 152 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 158: ...Portal Server on an Application Server Cluster 158 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 178: ...Portal Design Task List 178 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 180: ...Comparison of Solaris and Linux Path Names 180 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 182: ...182 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 192: ...Section X 192 Portal Server 6 2005Q1 Deployment Planning Guide...