Brainstorm reverses the proxy solution - Netscape Proxy Server selected by NCR - Company Operations
Alok Kumar
Cost-effectively authenticate external users of an intranet.
NCR Corp. uses legacy systems--all inside the firewall--which store the accounts and vital information (e.g., order/payment) about its customers, distributors and partners. Historically, these clients contacted the call center to get or update information. Distributors had a growing need to access these systems via the Web.
Since all the systems were inside the firewall, the challenge was to allow customers and partners to access content without compromising security, while providing a fast and economical solution. Moving the application/database server to the demilitarized zone was not an option, because no matter how secure, the risk exists of the server being hacked. All servers were supposed to stay in the intranet, inside the firewall.
The needed solution would allow customers and partners to use their browsers and access the websites that were inside the firewall. After brainstorming sessions, a proposal was made to use the proxy server in the reverse mode (i.e., reverse proxy). The other recommendation was to provide remote node access to customers, distributors and partners. Customers were having to dial in to the NCR network to access the site, a slow and not very secure method.
The two most popular proxy servers in the market were Netscape and Microsoft. Netscape's server was selected because, at the time of the NCR evaluation, Microsoft Proxy server used point-to-point tunneling protocol.
When customers, distributors and partners outside the NCR network try to access the content server, they are sent to the proxy server instead. The real content resides on the content server, safely inside the firewall. The proxy server, which resides outside the firewall, appears to the client to be the content server.
When a client makes a request to the site, the request goes to the proxy server. The proxy server has mappings that point to the content server inside the firewall. The reverse proxy then sends the client's request through a specific passage in the firewall to the content server. The content server passes the result through the passage back to the proxy, called reverse mapping. The proxy sends the retrieved information to the client, as if the proxy were the actual content server.
This is how the data flow takes place:
1 The client enters the URL of the reverse proxy and initiates the connection with the reverse proxy.
2 The reverse proxy requests credentials from the user (digital certificate and/or login/password).
3 The user provides the credentials, which are verified by the reverse proxy.
4 The reverse proxy then makes the connection to the internal content Web server (forward mapping).
5 The internal Web server returns the requested page to the reverse proxy (reverse mapping).
6 The reverse proxy then returns the page/content to the client.
This architecture provides five levels of security:
1 Using the Netscape proxy server in reverse mode provides the first level of security. The client never makes a connection to the content server, which is inside the firewall.
2 Installing the server certificate in the proxy server provides the second level of security. All connections between the client and the proxy server are made through Secure Sockets Layer (SSL), which means that all the data traffic is encrypted. This eliminates the risk of hackers using sniffers to capture the packets and read the content, or to obtain the login/password information.
3 The third level of security is provided by an individual login/password created for each user. A database is created for each site to be accessed. The individual user login/password is added to this database, which is then given access to one site: a user cannot access other sites.
4 The fourth level of security is achieved by requiring a client digital certificate. A user is verified as to who he says he is. The client digital certificate is tied to the login/password provided to him for accessing the site that he is authorized to view. The login/password is prompted only the first time he accesses the site and then it is tied with the digital certificate. Subsequently, he is prompted only to verify the digital certificate.
5 The fifth level is shutting down all the ports in the firewall except one, so the client can only use a secure connection to the reverse proxy site.
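As an added illustration of the forward/reverse mapping in the data flow above and of the per-site credential database of level 3 (not NCR's or Netscape's code; the hostnames, paths and credentials are made up), the following Python models what the reverse proxy does with each request:

```python
import hmac
import posixpath
from urllib.parse import urlsplit

PROXY_BASE = "https://proxy.example.com"          # constructed external name of the reverse proxy
FORWARD_MAP = {                                    # proxy path prefix -> internal content server (constructed)
    "/orders/": "http://orders.internal.example/",
    "/partners/": "http://partners.internal.example/",
}
SITE_USERS = {                                     # one credential database per site, each granting one site only
    "/orders/": {"dist-alpha": "s3cret-one"},
    "/partners/": {"partner-beta": "s3cret-two"},
}

def canonical_path(path):
    """Collapse '.' and '..' before any prefix check so '/orders/../partners/' cannot hop to another site."""
    norm = posixpath.normpath(path)
    return norm + "/" if path.endswith("/") and not norm.endswith("/") else norm

def site_for(path):
    """Return the mapped site prefix for a request path, or None if the path has no mapping."""
    path = canonical_path(path)
    return next((p for p in FORWARD_MAP if path.startswith(p)), None)

def authorize(path, user, password):
    """Level-3 check: the credential must exist in the database of the site actually being requested."""
    site = site_for(path)
    expected = SITE_USERS.get(site, {}).get(user, "")
    return bool(site) and hmac.compare_digest(expected, password)

def forward_map(url_path):
    """Forward mapping: translate a client URL on the proxy into the internal content-server URL."""
    parts = urlsplit(url_path)
    site = site_for(parts.path)
    if site is None:
        return None                                # unmapped paths are never forwarded through the firewall
    target = FORWARD_MAP[site] + canonical_path(parts.path)[len(site):]
    return target + ("?" + parts.query if parts.query else "")

def reverse_map(location):
    """Reverse mapping: rewrite an internal URL (e.g. a Location header) to the proxy's own address."""
    for prefix, target in FORWARD_MAP.items():
        if location.startswith(target):
            return PROXY_BASE + prefix + location[len(target):]
    return location                                # URLs outside the map are left untouched

def proxy_request(url_path, user, password, fetch):
    """Whole flow: credentials checked at the proxy, forward-mapped fetch, reverse-mapped response headers.
    `fetch` stands in for the single passage through the firewall to the content server (stub in tests)."""
    if not authorize(urlsplit(url_path).path, user, password):
        return 401, {}
    status, headers = fetch(forward_map(url_path))
    return status, {k: (reverse_map(v) if k.lower() == "location" else v) for k, v in headers.items()}
```

The client only ever sees `PROXY_BASE` addresses, so the content server's real name stays inside the firewall even on redirects.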
New technologies have presented a way for NCR to cost-effectively authenticate external users of its intranet. NCR now can safeguard its information resource. While still providing customers, distributors and partners with access to information that fulfills their individual, specific requirements, NCR prohibits them from unlimited access or access to anyone else's information.
www.ncr.com
Kumar is webmaster at NCR Corp., Dayton, OH.
COPYRIGHT 2001 Nelson Publishing
COPYRIGHT 2001 Gale Group