On-premises Server deployment issues

Santosh_BR
New Contributor III

JAMF will be hosted from DMZ which will help users outside Organisation network to communicate with JAMF Server but not with the internal users, vice versa if they are hosting it on the internal network, customer is certain about not opening the ports as it will tarnish the purpose having DMZ.

Any alternatives...????

1 REPLY 1

blackholemac
Valued Contributor III

Do a cluster and put a second Tomcat instance in the DMZ. the main database and Tomcat would be internal, the second Tomcat instance external and the only thing he would have to open in the DMZ is port 3306 from the DMZ server to the internal.

check out this article: https://www.jamf.com/jamf-nation/articles/174/installing-a-jss-web-application-in-the-dmz

This technique will also require the use of split dns.