Bridge through Firewall
Revised August 8th 2001
Objectives
Run Bridge through the firewall but block SQL port 1433 for inbound traffic. There should be no SQL initialization from DMZ zone.
Firewall Setup
Bridge: Source = DMZ CORE, Destination = Central Core
[Diagram labels: DMZ Core, Central Core, FIREWALL, DSM, Bridge, WV Gateways, WV Gateway, Host A, CORE Host, Common Services; traffic labels: UDP 162, ICMP Ping, SQL 1433, UDP 161 - Traps]
SQL Port Outbound traffic – Bridge pulls information from inside the firewall
Inbound Rules
SQL Port Blocked from DMZ to Private
Outbound Rules
SQL Port Open for Private to DMZ traffic
Active Connections
Denials List
SQL Port Blocked from DMZ, initialization denied
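The direction-sensitive SQL policy from the Inbound Rules, Outbound Rules, Active Connections and Denials List slides, modelled as a small stateful filter. This is an added example, not taken from the original deck or from the firewall product it shows; the IP addresses, source ports and the `Firewall`, `Packet` and `replay` names are constructed for illustration, and TCP-style connection tracking is assumed.

```python
from dataclasses import dataclass

SQL_PORT = 1433  # SQL port named on the slides

# Zone membership; the addresses are constructed for this example.
ZONES = {"10.0.0.5": "private",   # DAWYA01D, core inside the firewall
         "192.0.2.10": "dmz"}     # RGT1N, core outside the firewall

# (source zone, destination zone, destination port) -> action for NEW connections
RULES = {("private", "dmz", SQL_PORT): "allow",   # outbound rule
         ("dmz", "private", SQL_PORT): "deny"}    # inbound rule

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False  # True only for a connection-opening packet

class Firewall:
    def __init__(self):
        self.active = set()   # permitted flows, like the Active Connections view
        self.denials = []     # dropped packets, like the Denials List view

    def handle(self, p):
        flow = (p.src, p.sport, p.dst, p.dport)
        reverse = (p.dst, p.dport, p.src, p.sport)
        if flow in self.active or reverse in self.active:
            return "allow"    # belongs to a flow that was already permitted
        action = "deny"       # default deny, also for non-SYN packets with no flow
        if p.syn:
            key = (ZONES.get(p.src), ZONES.get(p.dst), p.dport)
            action = RULES.get(key, "deny")
        if action == "allow":
            self.active.add(flow)
        else:
            self.denials.append(p)
        return action

def replay():
    """Run a constructed four-packet trace through the policy."""
    fw = Firewall()
    inside, dmz = "10.0.0.5", "192.0.2.10"
    trace = [Packet(inside, 40000, dmz, SQL_PORT, syn=True),  # Bridge opens SQL to DMZ core
             Packet(dmz, SQL_PORT, inside, 40000),            # reply on that session
             Packet(dmz, 40001, inside, SQL_PORT, syn=True),  # DMZ tries to initiate SQL
             Packet(dmz, SQL_PORT, inside, 40002)]            # "reply" with no matching flow
    return [fw.handle(p) for p in trace], fw
```

The second packet passes only because the inside host opened the flow first, which is why blocking inbound 1433 does not break the Bridge pulling data from the DMZ core.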
Bridge Configuration
RGT1N = Core outside Firewall
DAWYA01D = Core Inside the Firewall
Bridge Running inside Firewall
Destination Core
Core Inside the Firewall
Status in sync with DMZ core
Maintaining Status
Any Status updates in DMZ core will be propagated to the Central CORE.
Be selective on Bridge Rules – DMZ core should be relatively small as it would need to transmit all WorldView notifications.
Source CORE not on the same server as the Bridge Instance. Not best practice.
WorldView Notification
NodeView from Private Network
7774 unblocked for outbound traffic
AgentView with Routing
7774 unblocked for outbound traffic
Questions and Answers
Any questions?