The Inprise IIOP gateway, Gatekeeper, uses a similar approach. It mainly
differs in that Gatekeeper can also be configured to use SSL (443) and
conduct
encrypted IIOP sessions with the client. An added advantage is that the
SSL implemenation adds authentication to the mix, improving the "armor"
surrounding the data.
While certainly not ideal, it is a damn sight better than running over
port 80 all the time.
--John K.
|Greetings,
|
|I recently attended a conference at which Sybase demonstrated their
|latest application server product, which they call Enterprise
|Application Server. It manages and distributes server objects such as
|CORBA, COM, Java, and native PowerBuilder objects for use in distributed
|applications. Obviously, this activity requires a client-server
|connection using some kind of protocol. I began to get a queasy feeling,
|so I interrupted their enthusiastic demo with a question about what had
|been done to address the inevitable firewall issues. They stared blankly
|at me for a few seconds, and then asked me what I meant. I explained
|that if I wanted to deploy an application based on their product, I
|would need such information so that I could "negotiate" intelligently
|with the client's network admins. More staring. Finally, one of the
|reps. explained that their setup will attempt to talk using its native,
|proprietary protocol. If this fails, it tries again, tunneling via HTTP.
|I didn't ask what happens if that fails, since I was getting dirty looks
|from those sitting around me, who had apparently come for a pep rally.
|But the reps. seemed to think it strange that any admin would have a
|problem with multitudes of binary payloads being tunneled through their
|carefully tended security.
|
|Any comments?
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
