[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Need recomendations for https proxy that serves as a firewall proxy

On Wed, 2003-12-31 at 13:17, Bernd Eckenfels wrote:
> In article <[🔎] 1072890669.20771.94.camel@noam.witstone.com> you wrote:
> > However, for virtual hosting across multiple back-end machines with
> > authentication at the firewall, I found apache2 + mod_ssl + mod_proxy
> > more suitable. Moreover, pound does not provide caching for
> > acceleration, nor ssl on the back channel.
> The question is, if if does protocol level filtering. If not, you can use
> any form of socket redirects.

I believe pound does protocol level filtering for http 1.1 with webdav
extensions. AFAIK, the apache2 solution does no protocol filtering, yet
it does offer an alternative to the noted limitations of pound.  Whilst
I agree that running apache2 on a bastion is less than ideal and I'd
prefer a protocol filter, I was unable to find a solution that satisfied
my other requirements (notably authentication) otherwise.  

Murray J. Brown, 
Director, Information Security Consulting
Witstone Counterworks inc. and Trusted By Design inc.
Director & Global Investor, The Hunger Project in Canada
"Unleashing the Human Spirit for the end of World Hunger."
[mjb@mjbrown.com] [mjb@TrustedByDesign.com] [mjb@thp.org]

Reply to: