Security management is not easy and there is no simple answer to it.
Also, it depends where are you hosting your sites. Are they in public
cloud, public data center, your private cloud or your private data center?
However, I can suggest you a typical small setup:
Your firewall at the edge of your LAN and where your WAN terminates
Two or more VLANs (DMZ, office network, database and application server).
Host your web server (Apache web server) in the DMZ VLAN
Host your Application servers (OFBiz) and Database server.
I assume your private network is trusted and you do not need any SSL.
All SSL can be terminated at your web server. Your web sever will
communicate with your application servers using private address range
such as 192.168.x.x
Thanks,
Raj
On Tuesday 04 March 2014 04:09 PM, Adrian Stern wrote:
Thank you.
Since there are some developers here with experiance in E-Commerce, the
BigFish developers for example, maybe they've some ideas?
@Pierre Smits:
Thats exactly the kind of setup i am looking for. But for me it's unclear
how the interface between tier 1 and tier 2 should be set up.
Do i connect them on ofbiz level or on database level.
Would i face any limitations in a setup where there is one DB and a
different server for each module? Would they still work together normally?
I think with i well configured database user with not too many access
previleges, the security would suffice in our scenario.
Anyway. Thanks for the answers. I may try to contact the BigFish guys to
check if they would share their experiances.
Regards,
Adrian
On 4 March 2014 09:48, Pierre Smits <pierre.sm...@gmail.com> wrote:
In a 3 tier setup with DMZ you would normally put the 1st tier (the web
server) in the DMZ with connections to the 2nd tier (OFBiz) in you own
network. Of course, for optimal security you would have to have a ssl
tunnel between tier 1 and 2.
Regards,
Pierre Smits
*ORRTIZ.COM <http://www.orrtiz.com>*
Services & Solutions for Cloud-
Based Manufacturing, Professional
Services and Retail & Trade
http://www.orrtiz.com
