LFWeblink server and LaserFiche database both outside firewall

This configuration is the simplest to implement. It allows closer control over the private network while providing access to the LaserFiche database. The primary drawback to this configuration is that the internet clients have direct access to the LaserFiche database server.

Note: While there are no known explicit security risks associated with the LaserFiche server, the system administrator must take special care to make sure that the underlying operating system (NetWare or NT) does not allow direct access to stored data (through drive sharing, and the like). In addition, standard security procedures -- such as changing passwords on a regular basis, and not sharing logins/passwords with anyone -- still apply.

Refer to the firewall diagram legend for explanations of the graphical conventions used below.

		An internet user (via web browser) requests information from the LaserFiche database through a web site incorporating LFWeblink.
		The request is received by the HTTP (web) server, which opens a connection with LFWeblink. LFWeblink opens/continues a connection with the LaserFiche database server.
		The LaserFiche database server receives the connection command and provides the requested information back to the user through LFWeblink.
		The firewall is configured to allow internet (web, email, ftp, etc.) access from the private network. All access initiated from the internet to the private network is restricted.