Your opinion about a corporate proxy server to reach the magazine's website from everywhere

Payam Chychi pchychi at gmail.com
Sun Mar 12 21:04:45 UTC 2023


Can’t comment on what’s best for your company.

If you plan to do what you described, sounds like a reasonable plan, though
many others exist.

You can do this using nginx + vouch to hook into an idp like Okta, and
introduce an identity layer into your connection to secure authentication
and authorization up.

Ldap over internet is a horrible idea.

Good luck,
Payam

On Sun, Mar 12, 2023 at 12:43 PM Mauro Tridici <mauro.tridici at cmcc.it>
wrote:

>
> Dear users,
>
> I am a newbie and would like to know your opinion about a request I
> received at work.
>
> I will try to describe the problem.
> The company at which I work has several locations located within the same
> country. The company has subscribed to an online magazine that can be
> accessed after providing the public IP with which the various locations
> face the public network.
>
> Instead of providing the various public IP addresses related to each of
> the different locations, my boss proposed to set up a proxy server at the
> main work location and ask all users in the company to use that proxy to
> reach the magazine's site.
> In this way, even company users working from home can reach the magazine's
> website.
>
> Following are some questions:
>
> - In your opinion, is this a suggested or recommended solution?
> - if such a solution falls within best practices, could you point me to
> some links where examples of configurations are given?
> - from the point of view of network security, it doesn't seem to me to be
> very secure and I think that, for each of the users, we should create
> credentials for access to the proxy server (e.g. through an integration
> with the LDAP server), what do you think?
>
> I thank you in advance,
> Mauro
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> https://mailman.nginx.org/mailman/listinfo/nginx
>
-- 
Payam Tarverdyan Chychi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20230312/74dd2b66/attachment.htm>


More information about the nginx mailing list