Case Study: Customer Feedback System


Now that you have learned about software architecture, let's examine a case study that shows how software architecture and network security fit together. Company Z wants to deploy a simple web-based application that allows its external customers to fill out a series of forms in order to provide feedback on its new line of widgets. None of the data is particularly confidential or sensitive. The feedback is supposed to be anonymous; therefore, no username, email address, or other data that might be sensitive from a privacy standpoint is transmitted or stored.

The perimeter network configuration at Company Z is pretty simple; it is shown in Figure 15.1. The configuration has a border firewall with three interfaces. One interface connects to the Internet, and a second interface connects to the internal corporate network. The third interface connects to a screened subnet that external users can access; it provides external email connectivity, DNS resolution, and web-based applications. The firewall does not perform NAT, and no proxy servers are in use.

Figure 15.1. This perimeter network is simple; a border firewall passes packets between the Internet, the hosts on a screened subnet, and the internal network hosts.


Company Z has selected an application that meets its business requirements. All components of the software must run on the same host, and the data must be located on that host as well. You have been asked to recommend where in the network the application should be deployed, and what adjustments or changes need to be made to network security in order to implement it securely.

Deployment Locations

In this case, the application could be placed in a few possible locations. Let's consider the benefits and drawbacks of each of them:

  • Using the existing screened subnet: Because other services accessed by external users are located on the existing screened subnet, it is a logical place to add another host that offers services to external hosts. The firewall rule set would need to be slightly adjusted to permit the appropriate traffic to and from this host. Deploying the application to this location would require the least work of the three options.

  • Deploying a new screened subnet: If an evaluation of risk indicates that this application requires a different level of security than hosts on the existing screened subnet, a new screened subnet can be created for it. This requires using an additional interface on the firewall and creating new firewall rules.

  • Using the internal network: If the Internet firewall does not have strong proxying capabilities, you could consider deploying a reverse proxy server to a screened subnet and only allowing that server to contact the application. This directly limits connections from external hosts that enter the internal network and might provide better host protection. However, unlike the first two solutions, using the internal network might require an additional host to be created and secured if a suitable proxy server isn't already deployed.
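The three placements differ mainly in which flows the border firewall must permit. The sketch below is an added example, not taken from the book: it models each option as a default-deny allow list and checks that no rule opens an internal host to a whole zone. All addresses, the port, and the function names are constructed assumptions.

```python
import ipaddress

# Constructed addressing (assumptions, not from the book). Documentation
# ranges stand in for the routable screened subnets, since the firewall does no NAT.
ZONES = {
    "screened": ipaddress.ip_network("192.0.2.0/24"),         # existing screened subnet
    "new_screened": ipaddress.ip_network("198.51.100.0/24"),  # option 2
    "internal": ipaddress.ip_network("10.0.0.0/8"),
}
APP_PORT = 443  # assumed; the text only says "web-based"

# Allow rules per option: (source zone or single host, destination host, port).
OPTIONS = {
    "existing_screened": [("internet", "192.0.2.40", APP_PORT)],
    "new_screened": [("internet", "198.51.100.10", APP_PORT)],
    "internal_via_proxy": [
        ("internet", "192.0.2.50", APP_PORT),    # external users -> reverse proxy
        ("192.0.2.50", "10.1.1.40", APP_PORT),   # only the proxy -> application
    ],
}

def zone_of(ip):
    """Name the zone an address belongs to; anything unlisted is the Internet."""
    addr = ipaddress.ip_address(ip)
    return next((name for name, net in ZONES.items() if addr in net), "internet")

def permitted(rules, src, dst, port):
    """Default deny: a flow passes only if an allow rule matches it exactly."""
    return any(
        (rsrc == src or rsrc == zone_of(src)) and rdst == dst and rport == port
        for rsrc, rdst, rport in rules
    )

def audit(rules):
    """Flag rules that open an internal host to a whole zone instead of one host."""
    return [
        rule for rule in rules
        if zone_of(rule[1]) == "internal" and (rule[0] == "internet" or rule[0] in ZONES)
    ]

if __name__ == "__main__":
    for name, rules in OPTIONS.items():
        print(name, "rules:", len(rules), "findings:", audit(rules))
```
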

Architecture Recommendation

Because this is a one-system application, your primary areas of concern should be potential conflicts between the application and the border firewall and router as well as anything that contradicts your organization's security policy. But in general, any of these options should provide an adequate solution. Because the organization does not consider the data sensitive, the consequences of an application compromise are not as high as they would be for many other applications.

This is not to say that you shouldn't be concerned about security, but that you should keep in mind that security is only one factor in creating a design. A proxy-based solution might be somewhat more secure, but the additional costs and resources required for it might be unreasonable given the nature of this application. Performance and reliability might also become unacceptable due to certain network security components. Although it's good from a security standpoint to deploy the host on the new dedicated screened subnet, you will need to consider business needs and resources when choosing the best solution for your environment.



    Inside Network Perimeter Security (2nd Edition)
    ISBN: 0672327376
    EAN: 2147483647
    Year: 2005
    Pages: 230
