Dear Fellow Developers,

I thought this developers group can provide me with some ideas on building a DMZ Gateway. Basically, our company has developed an MFT (Managed File Transfer) product, which has FTP/S, SFTP and HTTPS services for letting trading partners get/put files.

Lately we have been getting requests from our customers and prospects that they do not want to store any data or credentials in the DMZ. In other words, they want all these services running in the internal network. However, when a trading partner wants to exchange file(s), they will be given an external address which will be routed to a system in the DMZ. The system in the DMZ need not know how to validate the credentials or need to store any data (files). No connections should be made from the system in the DMZ to the system(s) in the internal network. However, systems in the internal network can initiate a connection to a system in the DMZ. The system in the DMZ should basically act as a proxy for various protocols, whereas the systems in the internal network do the actual work.

At this point I'm looking for various techniques to implement this kind of system. I appreciate any help you guys could offer.
Regards, Sai Pullabhotla
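
One technique that meets the constraints in the message above is a reverse-connection relay, sketched here as an added example that is not part of the original post or of any product. All function names are hypothetical, the loopback "service" is a constructed stand-in for the internal FTP/S, SFTP or HTTPS server, and the tunnel port is assumed to be firewalled to the internal network and is left unauthenticated for brevity.

```python
import contextlib, socket, threading

def pipe(src, dst):
    # Copy one direction until EOF, then half-close the far side.
    with contextlib.suppress(OSError):
        while (data := src.recv(65536)):
            dst.sendall(data)
    with contextlib.suppress(OSError):
        dst.shutdown(socket.SHUT_WR)

def bridge(a, b):
    # Relay both directions between two sockets, then close them.
    t = threading.Thread(target=pipe, args=(a, b), daemon=True)
    t.start(); pipe(b, a); t.join(); a.close(); b.close()

def dmz_relay(public, tunnel):
    # DMZ side: accepts only. Stores no credentials or files, never dials inward.
    control, _ = tunnel.accept()                 # agent's outbound control link
    while True:
        client, _ = public.accept()              # trading partner connects
        control.sendall(b"N")                    # ask the agent for a data link
        data, _ = tunnel.accept()                # agent dials out again
        threading.Thread(target=bridge, args=(client, data), daemon=True).start()

def internal_agent(tunnel_addr, service_addr):
    # Internal side: makes only outbound connections to the DMZ.
    control = socket.create_connection(tunnel_addr)
    while control.recv(1):
        data = socket.create_connection(tunnel_addr)
        svc = socket.create_connection(service_addr)   # the real internal server
        threading.Thread(target=bridge, args=(data, svc), daemon=True).start()

def demo():
    # Constructed loopback run; the "service" upper-cases one message.
    svc, public, tunnel = (socket.create_server(("127.0.0.1", 0)) for _ in range(3))
    def service():
        conn, _ = svc.accept()
        conn.sendall(conn.recv(1024).upper()); conn.close()
    threading.Thread(target=service, daemon=True).start()
    threading.Thread(target=dmz_relay, args=(public, tunnel), daemon=True).start()
    threading.Thread(target=internal_agent,
                     args=(tunnel.getsockname(), svc.getsockname()), daemon=True).start()
    out = b""
    with socket.create_connection(public.getsockname(), timeout=5) as c:
        c.sendall(b"put report.csv")
        while (chunk := c.recv(1024)):
            out += chunk
    return out
```

Because the relay only forwards bytes, credential checks and file storage stay on the internal server; a deployment would add mutual authentication on the tunnel port.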
