1

I have an application which replies on both http and websocket: it is hosted outside the company server farm.

This application is used both via browser/websocket and, through http, from applications running inside the SF (server2server) -- Obviously this S2S needs much higher socket and connection timeout since we are talking about two separate networks. I would like to bring the application inside our server farm but my company say that this is dangerous because it exposes our internal ip addresses. We are currently behind a famous CDN which does not support websocket -- what's the risk of moving this application inside the SF and have a second CDN supporting websockets which "proxies" only this application? Why should it be more dangerous than a normal http connection? Would the open TCP channel expose directly the server behind the CDN?

thanks

Carlo Bertuccini
  • 111
  • 3
  • Do you own and manage that server where your app reside currently ? Why it's external ? Does it hold confidential data ? I try to understand more your situation – yagmoth555 Oct 09 '17 at 00:14
  • I do not own this server, it is just on some external web service provider for two main reason - the external provider supports ws and my company did not want to place it in our network for the reason before (scare of expose IP and receive a ddos or other attack) -- this application does not own any sensible data but some application running inside the sf do – Carlo Bertuccini Oct 09 '17 at 05:14

0 Answers0