Server-to-server authentication solution - help required


Fri Jan 4 00:30:02 EST 2008 

Hi !

We are exploring use of VPN (IPSec based probably)  type of service for a
"server-to-server" authentication solution.  Your help would be highly
appreciated for providing your valuable inputs to following requirement and
queries.

The nutshell requirements goes as follows:

   two servers on the internet needs to communicate; say a merchant or a
   broker's system with HDFC Bank's systems
   one of the systems i.e the "Server" side of it would be a
   web/web-cum-application server, hosted in the internet segment, behind
   the fire wall, inside the bank's data centre in Mumbai
   the other server i.e. the "client" is on the other end, could be a
   merchant, a e-brokering system, in broker's data centre or hosted in an
   ISP data centre etc.
   these servers need to exchange http/post messages, XML messages ASCII
   and binary ISO messages etc. , both in per transaction request -
   response pair messages as well as bulk XML/http file transfer messages
   in batch mode
   each end would have some firewall, HDFC Bank uses CheckPoint at our end
   we need to address the data integrity, two way authentication,
   confidentiality and non-repudiation for all such interfaces.


Query :

   Can we use VPN for the above requirement ?
   Would the solution, if feasible, address non-repudiation ?
   Using OpenStandards like IPSec, is it possible to make various different
   Firewalls interface with each other ?
   Assuming both ends have a Firewall, take for example CheckPoint in HDFC
   Bank and say Cisco PIX hardware firewall on the other end, could these
   be made to take with minimum firmware/software/key activation type of
   upgrades using Open Standards, and without having to install a dedicated
   client of each on the other end ?
   Could you please recommend / provide a solution  or a suitable approach
   ?

Your reply would be eagerly awaited.

Thanks & Regards.

Munish Mittal
Chief Systems Architect
HDFC Bank Ltd.
+91-22-8524900 Extension : 1550
munish.mittal at hdfcbank.com
www.hdfcbank.com

VPN is sponsored by SecurityFocus.COM

More information about the VPN mailing list