DMZ with Ajax on client

Asked

Viewed 40 times

2

My problem is this, I’ve been developing a Single-Page Application which in the end will be posted on a server DMZ. On the other side I’ll have one API who will receive the requisitions from my front, the problem is : my client will have a copy of the front on his machine, and when making the request I will have to release my local network (where is the API), making the concept of DMZ only 50%.

Has anyone ever had this problem ? Any suggestions ?

  • Put your API on the DMZ. Implement a local network service that establishes a communication channel with the API - Queue messaging, TCP LAN connection -> DMZ, etc. Route requests through the channel.

  • Any article or tutorial that explains this @Ibotinelly? It’s something new for me and a majority. It might be nice to ask a question and answer the same.

  • @Giancarloabelgiulian posted as reply, thanks for the suggestion.

1 answer

2

By DMZ I understand that you have a network segment only with incoming connections and limitations to services that can be exploited as access vectors. Therefore, a viable implementation follows the following model:

inserir a descrição da imagem aqui

Where:

  • Requests are received, in DMZ, by an API that plays the role of Broker/proxy;
  • This API implements a Messaging Queue - MSMQ, Zeromq or similar;
  • The API sends service requests via MQ, and waits for a response status;
  • On the local network, also monitoring the same MQ, is a service;
  • Upon receiving a request, this service processes it; if necessary, sends a return status/payload;
  • The API processes the return and sends it to the client.
  • In this case, what is the real advantage of using Message Queue? I could implement in its place another API that would return the data in the LAN layer.

Browser other questions tagged

You are not signed in. Login or sign up in order to post.