As i have seen many customer accessing the web console directly outside through WAN IP configured the NAT to LAN directly exposing the network for outside potential threat .So i have just created a very simple diagram to make the end user understand .
In this article you will learn another strong reason why you should have installed Orion Additional Web server application within your environment and how to secure Orion environment with Orion additional web server.
Unsecured network access
This is highly unsecured version of installation where you compromising the Orion server through the directly exposing the LAN network for outside unsecured browsing
Image may be NSFW.
Clik here to view.
Secured WAN access to Orion web console through DMZ
You can install Additional Web Server within the DMZ and route the WAN browsing traffic through DMZ in order to maintain security for WAN users.
Image may be NSFW.
Clik here to view.
Notes:
For LAN users, you can access the Orion website from both servers so there will not be any issue while you have the web server placed for WAN users .
Orion Additional Web Server will be talking directly to the Orion Database. It will also help to reduce the load from the primary Orion NPM server and will improve browsing performance for the LAN users as well while providing security for your network .
