#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2013
    Posts
    3
    Rep Power
    0

    New user needing help with a Windows based IT guy


    New to the forum and I've got a couple questions regarding using a Citrix firewall when connecting to a database from the outside world. I am just a consultant and the IT guy who works up there is a security nazi. No computer outside the citrix firewall can communicate with the server.

    Now what I am doing is trying to figure out how the users will be able to download files from the database if no one can connect to the server from the outside world.

    I have tried to get the clients to agree to use linux on this server and take it out of the Citrix firewall, but the IT guy is railroading me talking about security . They use Windows Server 2003, but he won't agree to take that off the Citrix platform.

    Any suggestions on what I can do to convince him to open the ports for Apache, mysql, ect. He is has been very stubborn at every opportunity when I bring up the firewall >.<
  2. #2
  3. No Profile Picture
    Grumpier old Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Jun 2003
    Posts
    14,424
    Rep Power
    4539
    Moved from IIS
    ======
    Doug G
    ======
    The man who doesn't read good books has no advantage over the man who can't read them.
    --Mark Twain
  4. #3
  5. Contributed User
    Devshed Specialist (4000 - 4499 posts)

    Join Date
    Jun 2005
    Posts
    4,376
    Rep Power
    1871
    Q1 - who's head is in the noose if security is compromised?

    Q2 - who's head is in the noose if you manage to hack some bypass that wasn't approved by the security guy, and then security is compromised?

    Q3 - who is driving (or approved) the requirement that states external users should be allowed to download files? Are they aware of the security implications? Have the approver and security people even talked to one another?
    If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
    If at first you don't succeed, try writing your phone number on the exam paper

IMN logo majestic logo threadwatch logo seochat tools logo