Hello,
I am not sure if this is the right platform to ask this question. But still asking in a hope to get some good pointers.
In a typical B2B setup, there is a Proxy installation done in DMZ, for both out-bound and in-bound calls.
As per my understanding:
webMethods Enterprise Gateway, in DMZ, is being used only for in-bound calls and not for out-bound.
For out-bound calls, it is generally an organization wide proxy being used. Now for B2B transactions, some organizations use other application specific proxies (Like: Bluecoat, Layer 7 etc…).
My question is regarding the out-bound calls, why do we need an additional proxy for out-bound calls. And what role do they play in Secure tranactions (SSL).
Any study material to understand this whole set-up would be a great help here.
Thanks in advance for your reply.
Interesting topic started and I believe we don’t need addiontal proxy for just outbound calls and since org wide proxy/firewall rules can be applied even for the outbound calls and restrict/allow traffic to only the ports that are requested (obviously 443 and 80 normally allowed for internet outbound use)
Regarding specific proxies question I will defer to the other experts here if they have any hands on or major bullet points can be given.
More intrigue around SOA set-up. Generally it is recommended to have a application proxy to control both outbound & inbound traffic. SSL handshake and connection establishment happens, via certificate exchange, between proxy and external partner (Could be provider or consumer in Web Service scenarios). In these application proxies one can implement additional security requirements (SQL Injection, etc…).
So how it is different from B2B setup.
For Inbound use Enterprise Gateway, and for outbound a separate/or enterprise wide proxy.
Any thoughts, experiences, or pointers around these would be of great help.