Skip to main content

 

Hi, we want to allow access to the Employee Portal outside of our internal network. is it possible to install the employee portal on a different server to avoid exposing the application server to the world?

Hi @DominikaM ,

Using a separate App server instance will not be possible. However, you can minimize the exposure of the application endpoints by using a reverse proxy so that all requests can be terminated at the proxy and shielding the app server from public access. You can restrict the endpoints so other than the required endpoints, nothing else is exposed. This together with using Azure AD/ADFS authentication rather than default DB authentication will give you the additional option of using MFA when accessed from public networks. 

have a look at https://docs.ifs.com/techdocs/Foundation1/010_overview/210_security/090_exposing_to_internet/default.htm

 

Cheers.


Thank you.