Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Los, Ralph (rlosEnvestNet.com)
Date: Mon Sep 24 2001 - 11:14:07 CDT
I have a very straighforward question.
I have an IIS box that I need to proxy INTO from the web, for
this I am using an ISA Server. I have the config drawn below
currently in the architecture->build process and need input
on whether the ISA Server will be adaptive towards my needs.
|-Web Server/IIS5 (10.10.11.2)----ColdFusion Server (10.10.10.2)
|-Web Server/IIS5 (10.10.11.3)----ColdFusion Server (10.10.10.3)
|-Web Server/IIS5 (10.10.11.4)----ColdFusion Server (10.10.10.4)
As you can see, the Proxy is hiding more than a single IIS
box behind it. Each time a user logs into our site,
ColdFusion keeps a "session variable" on the CF Server (not
client!), therefore, forcing me to make sure my clients can
"keep state" with the IIS box of original login.
Also, I am doing port multiplexing versus having multiple
IP's per box...meaning, each box has a single IP, running a web
site on say, port 12000 (HHTP) and 22000 (HTTPS) and another
site on 12001 (HTTP) and 22001 (HTTPS) and so on.
[I hope I didn't leave anyone confused].
The big question - CAN ISA handle this config, and HOW?
Ralph M. Los
Asst. Vice-President, Internet Systems and Security
(312) 827-3945 (direct)
(312) 296-9003 (wireless w/voicemail)
* If you haven't been hacked, you don't know where your vulnerabilities lie*