On Sun, 23 Sep 2012 21:44:19 +0530
vipin kumar <vipinkumar41(a)gmail.com> wrote:
The page is almost ready for reviews and feedback. Please have a look
at following page and provide feedback.
Just a few minor nitpicks:
- I'd just say we should remove any mention of pix firewalls or nat in
the diagrams. In phx2 we are behind a firewall setup, but all our
other sites are just directly on the net, and we don't control or
have any knowledge of the phx2 firewall stuff anyhow. ;)
- Might make the vpn lines bi directional. For app servers and such
data travels back and forth both ways over the vpn for requests.
- "Authorization can be done at Proxy Server though it should be done at
application level for security reasons" Depending on what auth you
mean here, it should always be done at the application level... when
someone logs into FAS it is a request: proxy->fasserver and then they
have a cookie that lasts for X minutes to authenticate against the
various FAS using applications. Nothing should really auth on the
proxy directly that I can think of...
- For the 'data layer' in the last diagram, might note that that is
mostly database servers. I guess in the case of the wiki it's also
nfs storage (for attachements).
Overall this looks great!
Thanks again for working on it.