[Cialug] Connect Two Independent Sites

Scott Yates Scott at yatesframe.com
Thu Jan 9 16:07:14 UTC 2020 

I might argue that point.  I think a REST API served over https combined
with ip whitelisting might have a smaller attack surface and sacrifice no
security.

On Thu, Jan 9, 2020 at 10:05 AM Brett Neese <brneese at brneese.com> wrote:

> VPN is also a good option, and more secure than IP whitelisting. My
> security friends highly recommend https://www.wireguard.com/.
>
> Brett Neese
> 563-210-3459
>
>
>
> On Thu, Jan 9, 2020 at 9:58 AM Scott Yates <Scott at yatesframe.com> wrote:
>
> > I would tend towards an API with IP whitelisting.  It is the simplest to
> > reason about.
> >
> > On Thu, Jan 9, 2020 at 9:49 AM Todd Walton <tdwalton at gmail.com> wrote:
> >
> > > I have an architectural type question for y'all.
> > >
> > > There is a company developing a piece of software that will connect
> with
> > > our own internal systems. Their web app needs to pull data from an
> > > application we have. Our application is not (currently) exposed to the
> > > public. How would you suggest allowing them to connect?
> > >
> > > Options I've thought of:
> > >
> > > * Our app exposes a public API that they tug on
> > > * We set up a proxy server between the two
> > > * We set up a VPN tunnel of some sort between their servers and ours,
> at
> > > the network level or at the server level
> > > * We have somebody there and somebody here sitting at keyboards talking
> > on
> > > the phone to each other and transmitting data, and just hope that
> scales
> > >
> > > We're reluctant to expose our test and qa systems to the internet. But
> > > maybe that's a suck-it-up-and-put-on-your-big-boy-pants kind of thing.
> I
> > > don't know.
> > >
> > > Any thoughts on best practice here?
> > >
> > > --
> > > Todd
> > > _______________________________________________
> > > Cialug mailing list
> > > Cialug at cialug.org
> > > https://www.cialug.org/cgi-bin/mailman/listinfo/cialug
> > >
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > https://www.cialug.org/cgi-bin/mailman/listinfo/cialug
> >
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> https://www.cialug.org/cgi-bin/mailman/listinfo/cialug
>

More information about the Cialug mailing list