0 Replies Latest reply: Oct 18, 2017 9:39 AM by Alex Walker RSS

    Does a Proxy in a DMZ need access to the central file share?

    Alex Walker

      I'm setting up a proxy only in a DMZ (SAML auth, passes everything else through to Central node). The machine isn't part of the domain as part of the DMZ security. Of course we're also trying to minimise the ports & services which need holes in the firewall between the internal network and the DMZ (as well as the DMZ and the web of course).

       

      What does a Proxy need access to in the central file share?

      • ArchivedLogs - as of Sept release I assume it doesn't need access to this if you're using the logging database.
      • Apps / CustomData / StaticContent - only the Engine needs access to these, right? Or does the Proxy need access to Extensions or anything?

      I'm wondering if we need to open up file sharing at all...