Introduction

TOTVS Fluig Platform supports DMZ implementation.

In information security, the acronym DMZ stands for "demilitarized zone". DMZ is a small network located between a trusted and untrusted network, usually between the local network and the Internet.

The function of a DMZ is to keep all the services that have external access (such as HTTP servers) together in a local area network, thus limiting the potential damage in case some service is compromised by an attacker.

Requirements

• The client should have an internet domain.
• The same access address to TOTVS Fluig Platform should be used for both external and the internal networks.
• When TOTVS Fluig Platform is using SSL, only port 443 (instead of port 8080) should be released on the firewall.
• On the firewall, release the following addresses for access from the Fluig server:
  • Fluig Analytics - https://analytics.fluig.com;
  • TOTVS Identity - Identity service server and port, for example, https://fluigidentity.com;
• If the mail server used by TOTVS Fluig Platform is outside the internal network, it is necessary to release the address and e-mail server port on firewalls.
• Fluig mobile application can use both the ports and the topology described.

Topology

The figure below illustrates the topology and the communication ports used by Fluig.