I have an application which replies on both http and websocket: it is hosted outside the company server farm.
This application is used both via browser/websocket and, through http, from applications running inside the SF (server2server) -- Obviously this S2S needs much higher socket and connection timeout since we are talking about two separate networks. I would like to bring the application inside our server farm but my company say that this is dangerous because it exposes our internal ip addresses. We are currently behind a famous CDN which does not support websocket -- what's the risk of moving this application inside the SF and have a second CDN supporting websockets which "proxies" only this application? Why should it be more dangerous than a normal http connection? Would the open TCP channel expose directly the server behind the CDN?
thanks