6 Replies Latest reply on Feb 6, 2018 8:50 AM by Toby Erkson

    Tableau Server Internet security - isolating the Gateway service

    Frank Parkin

      Looking at the deployment documentation it is recommended that we use a proxy server between the Internet and the Tableau Server. We could deploy the proxy server into a web-facing network zone and deploy the Tableau server into an application network zone. The problem I see with this is that the user traffic is still terminating (and authenticating) in the application zone. The preference would be terminate this in the web zone. Therefore, are there any higher security deployment designs out there that prescibe deploying a proxy server and the Tableau server running the gateway process only into the web network zone and then running a separate Tableau server in the application zone running all services except Gateway. Thus terminating traffic and authenticating in the web zone and better protecting the application in a separate zone.

       

      Thanks,

      Frank