You think you have firewall, IDS/IPS and that's good enough? I have recently deployed few squid reverse proxy boxes per client request, it seems that with Mod_Security kicking in, you can have very effective intrusion prevention boxen for your http server protecting your vulnerable web applications. More than that, you can even have the access control list since squid is flexible enough with it's extensive configuration.
Perhaps you might say that it is just another firewalling box, however that's not the case, imagine you can have the reverse proxy deployed anywhere which not bounce to the geographical limitation, another advantage is that it can serve client request more faster since squid offer caching as well.
Squid Reverse Proxy + Mod_Security = Next Generation Defense Perimeter!
I should have written more but I'm tired now ...... sweet dream guys...ZzzzZZZZ....Snorting.....
Perhaps you might say that it is just another firewalling box, however that's not the case, imagine you can have the reverse proxy deployed anywhere which not bounce to the geographical limitation, another advantage is that it can serve client request more faster since squid offer caching as well.
Squid Reverse Proxy + Mod_Security = Next Generation Defense Perimeter!
I should have written more but I'm tired now ...... sweet dream guys...ZzzzZZZZ....Snorting.....
No comments:
Post a Comment