Macromedia breeze 5 ユーザーガイド
18
Chapter 1: Before You Begin
Single-server configuration
The easiest solution for a dedicated, single-server Breeze system is to block all ports on the server
except 80, 1935, and 443 for SSL-enabled traffic. An external hardware firewall appliance
provides a layer of protection against gaps in the operating system. Some organization configure
layers of hardware-based firewalls to form DMZs. If the server is carefully updated by your IT
department with the latest Microsoft security patches, a software-based firewall can be configured
to enable additional security.
except 80, 1935, and 443 for SSL-enabled traffic. An external hardware firewall appliance
provides a layer of protection against gaps in the operating system. Some organization configure
layers of hardware-based firewalls to form DMZs. If the server is carefully updated by your IT
department with the latest Microsoft security patches, a software-based firewall can be configured
to enable additional security.
The following procedure assumes that you are setting up Breeze Server on a single computer. The
database is to be installed on this computer, too. It is also assumed that you want users to be able
to access Breeze on the Internet.
database is to be installed on this computer, too. It is also assumed that you want users to be able
to access Breeze on the Internet.
To secure Breeze on a single server:
1.
Install a firewall.
Since you are allowing users to access Breeze through the Internet, the server is open to an
attack by hackers. By using a firewall, you can block access to the server and control the
communications that occur between the Internet and the server.
attack by hackers. By using a firewall, you can block access to the server and control the
communications that occur between the Internet and the server.
2.
Configure a firewall.
After installing your firewall, configure it as follows:
■
Inbound ports (from the Internet): 80, 443, 1935
■
Outbound ports (to the mail server): 25
■
Use the TCP/IP protocol only
Since the database is located on the same server as Breeze, you do not need to open up port
1433 on the firewall.
1433 on the firewall.
3.
Install Breeze.
4.
Verify that the Breeze applications are working.
After installing Breeze, you should verify that Breeze is working properly both from the
Internet and from your local network. For more information, see Chapter 5, “Verifying Your
Installation,” on page 91.
Internet and from your local network. For more information, see Chapter 5, “Verifying Your
Installation,” on page 91.
5.
Test the firewall.
After you have installed and configured the firewall, you should verify that your firewall is
working correctly. Test the firewall by attempting to use the blocked ports.
working correctly. Test the firewall by attempting to use the blocked ports.
Multiserver solutions
Multiserver (cluster) solutions are inherently more complex. A Breeze cluster can be located with
a data center or geographically distributed across multiple Network Operation Centers. If you
choose to, you can install and configure servers hosting Breeze in multiple locations and
synchronize them through database replication. Note that SQL Server is required for any
multiserver solution.
a data center or geographically distributed across multiple Network Operation Centers. If you
choose to, you can install and configure servers hosting Breeze in multiple locations and
synchronize them through database replication. Note that SQL Server is required for any
multiserver solution.