0

Is this a secure setup?

Having an (linux based) Owncloud Server, with Let's-Encrypt SSL Certificate. This server provides shares to the clients, which are SMB connections to an internal File Server

The connection is as follows:

  • DNS Entry --> points to private, public IPv4 Address.

  • This address has an open port in the firewall, forwarding to the IP in DMZ. HTTPs and WWW are allowed

  • The SMB connection directs to an internal File server, which is in the internal network segment. only port 445 TCP is allowed

  • connections are HTTPs

Necessary maintenance:

  • update owncloud
  • update the linux server and file server
  • maintain the firewall

of course as well:

  • monitoring and backup
  • awarenes of users and admins (maybe most critical point)
Dave
  • 73
  • 6
  • Your maintenance plan is missing backups and monitoring. - And note that security depends as much, if not more on configuration, the behaviour of your admins & users than it does on infrastructure design. A valid TLS certificate *for example* does not mitigate keeping the default admin password unchanged. – diya Oct 18 '22 at 13:12
  • You are right, of course! We are doing that, but I missed listing it... but the infrastructure design as such is safe? – Dave Oct 20 '22 at 07:57

0 Answers0