1

Background

The company I work for have a system with some data. This system's hosted in our private data centre. This system provides some ReST web services. We're looking to create a website, hosted in Windows Azure, which will call the above system's ReST services. Users of this website will be authenticated via ADFS (long term we may look to include other options for users outside of our company to be authenticated). We need to secure the communication between the Azure website and the locally (data centre) hosted system. Initially we'd like to keep this simple; e.g. allow a trusted IP from Azure to talk to our ReST service. Longer term we'd been keen to implement something more flexible, such as OAuth to allow other external applications to be plugged in with minimal effort.

Question

Is securing services by IP sensible, or could this be a security risk (especially as we're hosting on Azure, where potentially others may host applications)? If anyone's done something similar before / can point me in the direction of useful articles, that would also be appreciated.

JohnLBevan
  • 197
  • 6

1 Answers1

1

Securing by IP is a great first step. It severely limits your attack surface. But, as you point out, the source IP in PAAS deployments has limited trust value.

Adding a (reverse) proxy server between the outside world & the inside (local) server will also make things more difficult for an attacker. In business settings, having a reverse proxy separate from the application server also allows you to give the developers & the IT security team their own "box". The proxy server can then be hardened & closely monitored (making IT security happy) without much affect on the application (making the developers happy).

Finally, setting up a secure IP transport (e.g. SSH tunnel, VPN, or HTTPS with a limited set of certificates) between the Azure servers & the internal network will greatly limit the attack surface. This may be difficult with the Azure platform, which is why I have it last.

Shawn C
  • 181
  • 2