Now that you have learned about software architecture, let's examine a case study that shows how software architecture and network security fit together. Company Z wants to deploy a simple web-based application that allows its external customers to fill out a series of forms in order to provide feedback on its new line of widgets. None of the data is particularly confidential or sensitive. The feedback is supposed to be anonymous; therefore, no username, email address, or other data that might be sensitive from a privacy standpoint is transmitted or stored.

The perimeter network configuration at Company Z is pretty simple; it is shown in Figure 15.1. The configuration has a border firewall with three interfaces. One interface connects to the Internet, and a second interface connects to the internal corporate network. The third interface connects to a screened subnet that external users can access; it provides external email connectivity, DNS resolution, and web-based applications. The firewall does not perform NAT, and no proxy servers are in use.

Figure 15.1. This perimeter network is simple; a border firewall passes packets between the Internet, the hosts on a screened subnet, and the internal network hosts.

Company Z has selected an application that meets its business requirements. All components of the software must run on the same host, and the data must be located on that host as well. You have been asked to recommend where in the network the application should be deployed, and what adjustments or changes need to be made to network security in order to implement it securely.

Deployment Locations

In this case, the application could be placed in a few possible locations. Let's consider the benefits and drawbacks of each of them:
Architecture Recommendation

Because this is a one-system application, your primary areas of concern should be potential conflicts between the application and the border firewall and router as well as anything that contradicts your organization's security policy. But in general, any of these options should provide an adequate solution. Because the organization does not consider the data sensitive, the consequences of an application compromise are not as high as they would be for many other applications. This is not to say that you shouldn't be concerned about security, but that you should keep in mind that security is only one factor in creating a design. A proxy-based solution might be somewhat more secure, but the additional costs and resources required for it might be unreasonable given the nature of this application. Performance and reliability might also become unacceptable due to certain network security components. Although it's good from a security standpoint to deploy the host on the new dedicated screened subnet, you will need to consider business needs and resources when choosing the best solution for your environment.
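One way to check a proposed deployment against the three-interface border firewall in this case study, as an added example that is not from the original text. The addresses, the application host, the rule set, and the policy that the screened subnet may not open connections to the internal network are all assumptions.

```python
import ipaddress

# Constructed addressing (assumption): the page gives no addresses. Because the
# firewall does not NAT, each zone uses its own routable documentation range.
ZONES = {
    "screened": ipaddress.ip_network("192.0.2.0/24"),
    "internal": ipaddress.ip_network("198.51.100.0/24"),
}
APP_HOST = "192.0.2.80"  # hypothetical host for the feedback application

def zone_of(addr):
    """Map an address to the firewall interface (zone) it sits behind."""
    ip = ipaddress.ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "internet"  # anything not behind the other two interfaces

# Hypothetical rule set: first match wins, default deny.
# Fields: source zone, destination zone, destination host, protocol, port, action
# (None in a field means "any").
RULES = [
    ("internet", "screened", APP_HOST, "tcp", 443, "allow"),
    ("internal", "screened", APP_HOST, "tcp", 443, "allow"),
    ("screened", "internal", None, None, None, "deny"),
]

def decide(src, dst, proto, port, rules=RULES):
    """Return the action the rule set gives to one new connection."""
    sz, dz = zone_of(src), zone_of(dst)
    for r_sz, r_dz, r_host, r_proto, r_port, action in rules:
        if (r_sz, r_dz) != (sz, dz):
            continue
        if r_host not in (None, dst):
            continue
        if r_proto not in (None, proto) or r_port not in (None, port):
            continue
        return action
    return "deny"  # nothing matched

def audit(rules=RULES):
    """List allow rules that let the screened subnet open connections inward."""
    return [r for r in rules
            if r[0] == "screened" and r[1] == "internal" and r[5] == "allow"]
```

Running `audit()` on each candidate rule set before it reaches the firewall flags any change that would let a compromised application host reach the internal network.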