2.2.1 Realizing a system configuration that will ensure security
Properly install security hardware or software on the system to prevent unauthorized access to the system from the outside.
By using a firewall, you can control access between the external and internal networks. You can prevent unauthorized access from the external network by pre-specifying the clients to be granted access to the system and then enabling or disabling communication according to the established rules. In addition, by using intrusion detection system (IDS), you can monitor the communication lines and, based on the communication pattern, detect and prevent unauthorized access.
If you deploy reverse proxy server, you can prevent malicious clients from directly accessing a Web server that contains important content. The reverse proxy server can receive requests from clients and access the Web server.
If communication path security is ensured through the use of encryption, SSL accelerator can handle the encryption and decryption processes, avoiding placing any load on the Web server and application server.