When inbound ports to networks are opened, private networks become vulnerable to malicious hacking attempts. When a hacker’s primary motivation is theft, that hacker will attempt to gain unauthorized access to a network, intent upon stealing and exploiting private and valuable information. Network intrusion attacks can seriously damage an organization’s reputation, and compromise assets and revenue.
In order to protect Titan servers, South River Technologies has written a product called DMZedge Server. The DMZedge server resides outside the firewall. The Titan and GroupDrive servers call out to the DMZedge server by opening an outbound port, preventing unauthorized client requests. Client requests are satisfied by a response on the outbound port; no inbound ports are ever opened. No unauthorized requests can gain access to valuable information and resources that exist on the private network. Access to Titan and GroupDrive servers is securely extended beyond the local LAN with minimal firewall configuration/administration. You can take an “out of the box” stateful firewall with DENY ALL as the incoming firewall rule, put up a DMZedge server and still have an Internet facing, remotely accessible Titan and/or GroupDrive server.
DMZedge will act as an authentication proxy for internal servers. If your users authenticate against Active Directory or LDAP, or even Native GroupDrive or Titan authentication, that capability is extended via the Edge server to external networks. The authentication database is never stored on, or replicated to, the DMZedge server. It can also listen on all the Titan/GroupDrive supported secure protocols – FTPS, SFTP, HTTPS, and WebDAV over SSL. It supports multiple server environments as well as server clustering.
One could explain DMZedge as being both bouncer and doorman – stopping unwanted visitors while allowing residents to enter. The reality is that it’s a fast, simple way to secure access to internal servers while leveraging existing authentication and data access policies.