Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Qlik Connect 2024! Seize endless possibilities! LEARN MORE
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
AlexOmetis
Partner Ambassador
Partner Ambassador
‎2017-10-18 09:39 AM

Does a Proxy in a DMZ need access to the central file share?

I'm setting up a proxy only in a DMZ (SAML auth, passes everything else through to Central node). The machine isn't part of the domain as part of the DMZ security. Of course we're also trying to minimise the ports & services which need holes in the firewall between the internal network and the DMZ (as well as the DMZ and the web of course).

What does a Proxy need access to in the central file share?

  • ArchivedLogs - as of Sept release I assume it doesn't need access to this if you're using the logging database.
  • Apps / CustomData / StaticContent - only the Engine needs access to these, right? Or does the Proxy need access to Extensions or anything?

I'm wondering if we need to open up file sharing at all...

Qlik Partner Ambassador 2024
1,022 Views
0 Likes
2 Replies
albyrajp
Contributor
Contributor
‎2018-07-10 04:22 AM

I am also in similar situation, recommended architecture is to place IIS Server with Reverse proxy, by a consultant.  I would like to know if we place QS Proxy server ... will I be able add this node to the central node in local network. What are the ports to be opened from Proxy server in DMZ to central node and from central node to this proxy?

755 Views
0 Likes
stevengrice
Contributor
Contributor
‎2022-02-25 03:50 AM

Did you every solve this.

 

Does it need The Apps / CustomData / StaticContent access?

253 Views
0 Likes