Polling Engine Relocation

I have been tasked by my company to move our polling engine and separate it from the Web UI front end (Customer Portal) that our customers use for logging in. The plan is to have the Polling Engine locked down in a secure area with only access on the necessary ports to our customer equipment and have the web front end in a DMZ for our customers to log in to.

Any technical advice that you could offer on the above would be appreciated as realistically we need this in place by the 14th of July.

  • If I understand correctly, you will have an Additional Web Server (AWS) place in the DMZ while the rest of NPM is on the internal network.  The overal process is pretty straight forward as an AWS is easy to setup.  The biggest issue is going to be configurnig the firewall to allow the AWS to communicate with the rest of the NPM system.  Still not that big of a deal.  The use of a valid SSL cert on the AWS would be a good idea as well.  This is effectively the model that I have setup at my company and it works pretty good.  The one odd setup to it is that our DMZ does not have access to our AD servers, so we use local NPM accounts for customers.  If we need to log in to the AWS, we have to setup a local NPM account in addition to our AD account.  You could take it a step further and have a three tier model where you have a Web, Application, and Internal layers.  You would then put a proxy in the Web portion for customers to access and then the AWS in the Application layer and the the remain portions of NPM in the Internal layer.  Some say this is a bit overkill and some say it is a security standard.