Layer7 API Management

  • 1.  How to establish one-way TCP communication?

    Posted Mar 08, 2019 03:03 AM

    Dear APIM Experts,

     

    I have a customer whose network security policies enforce 'inside-out' traffic. That means that the TCP session for traffic can only be established from the LAN to the DMZ, not the opposite (of course, requests are coming from the outside world to the DMZ and these need to be processed somehow).

    I could have one API GW deployed in LAN and one in DMZ.

    Is there a way to achieve the goal using this architecture with CA API GW?

    Are there any other options (except setting up some kind of MQ on the DMZ side for storing the requests)?

     

     

    Thank you in advance for help.

     

    Best regards,

    Mariusz



  • 2.  Re: How to establish one-way TCP communication?

    Broadcom Employee
    Posted Mar 08, 2019 05:20 PM

    Mariusz,

     

    We have seen implementations that deploy a multi-trust-zone configuration where a gateway resides in the DMZ and another one in the internal network. They normally communicate with each other, deploying communication from the DMZ into the internal network and vice versa. The scenario you outlined could use MQ, JMS, a database, memory cache servers, Cassandra, etc. to have the payload pushed to it by a DMZ gateway; the internal Gateway then pulls the data in.

     

    Sincerely,

     

    Stephen Hughes

    Broadcom Support
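
The push/pull arrangement described in the reply above, as an added sketch that is not part of the thread and is not CA API Gateway policy or configuration. The names `DmzStore` and `lan_pull`, the JSON-lines protocol and the use of localhost for both zones are assumptions made for illustration; the point shown is that the DMZ side only listens, while the LAN side opens the single TCP session and both pulls requests and returns replies over it.

```python
import json, queue, socket, threading

class DmzStore:
    """DMZ side: holds requests and only listens; it never connects to the LAN."""
    def __init__(self):
        self.pending = queue.Queue()   # requests received from the outside world
        self.replies = {}              # request id -> reply produced in the LAN
        self.srv = socket.create_server(("127.0.0.1", 0))  # constructed local endpoint
        self.port = self.srv.getsockname()[1]
        threading.Thread(target=self._serve, daemon=True).start()

    def submit(self, req_id, payload):
        self.pending.put({"id": req_id, "payload": payload})

    def _serve(self):
        while True:
            conn, _ = self.srv.accept()          # session was opened by the LAN side
            with conn, conn.makefile("rw") as f:
                for line in iter(f.readline, ""):
                    msg = json.loads(line)
                    if "reply" in msg:           # store the reply before handing out more work
                        self.replies[msg["id"]] = msg["reply"]
                    try:
                        job = self.pending.get_nowait()
                    except queue.Empty:
                        job = None               # tells the puller the store is drained
                    f.write(json.dumps(job) + "\n")
                    f.flush()

def lan_pull(port, handler):
    """LAN side: opens the only TCP session, pulls jobs, sends replies back on it."""
    handled = 0
    with socket.create_connection(("127.0.0.1", port)) as s, s.makefile("rw") as f:
        msg = {"poll": True}
        while True:
            f.write(json.dumps(msg) + "\n")
            f.flush()
            job = json.loads(f.readline())
            if job is None:
                return handled
            msg = {"id": job["id"], "reply": handler(job["payload"])}
            handled += 1

if __name__ == "__main__":
    dmz = DmzStore()
    dmz.submit("r1", "ping")           # constructed sample request
    print(lan_pull(dmz.port, str.upper), dmz.replies)
```

With this shape the firewall rule set needs only a LAN-to-DMZ allow entry for the store's port; a production puller would reconnect and poll on an interval instead of returning once the store is empty.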