[Fusioninventory-user] DMZ deployment options
David DURIEUX
d.durieux at siprossii.com
Wed Oct 31 15:41:32 UTC 2012
Le Wed, 31 Oct 2012 15:22:09 +0000
Benjamin Huntsman <BHuntsman at mail2.cu-portland.edu> a écrit:
>Why not implement a small, stand-alone communication server front-end,
>based on a derivative of the OCS Communication Server, that can accept
>the inventory from the agent, and write it directly into the GLPI
>database? This way, you could have a host in the DMZ running the
>Communication Server, and have firewall rules only allowing traffic to
>port 443, and on the back-end, firewall rules only allowing MySQL DB
>connections in to the GLPI DB server?
>
>The FusionInventory systems offers a lot of potential advantages, but
>due to these security concerns, I'm leaning toward sticking with OCS
>and a DMZ-based Communication Server.
But for security like you said, you don't give GLPI or other product
access in the DMZ
>Thanks!
>________________________________________
>From:
>fusioninventory-user-bounces+bhuntsman=mail2.cu-portland.edu at lists.alioth.debian.org
>[fusioninventory-user-bounces+bhuntsman=mail2.cu-portland.edu at lists.alioth.debian.org]
>on behalf of Gonéri Le Bouder [goneri at rulezlan.org] Sent: Wednesday,
>October 31, 2012 3:45 AM To:
>fusioninventory-user at lists.alioth.debian.org Subject: Re:
>[Fusioninventory-user] DMZ deployment options
>
>On Wed, Oct 31, 2012 at 08:53:14AM +0100, Guillaume Rousse wrote:
>> Le 30/10/2012 20:55, Benjamin Huntsman a écrit :
>> > So, is anything like that available, possible, or in the works?
>> DMZ doesn't have any formal definition. What's your exact
>> constraints, in term of network connections ?
>Hi Benjamin and all,
>
>I used a little script to collect inventory and store them in
>a directory. After that, you can move these inventory files on another
>machine outside of the DMZ and push them in the server with
>fusioninventory-injectory.
>
>I'd just created a page on the documentation regarding that:
> http://www.fusioninventory.org/documentation/fi4g/dmz/
>
>I think I will import collect.php in the agent source tree. For example
>in the tools directory.
>
>Best regards,
>--
> Gonéri
>
>_______________________________________________
>Fusioninventory-user mailing list
>Fusioninventory-user at lists.alioth.debian.org
>http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/fusioninventory-user
More information about the Fusioninventory-user
mailing list