Forums

Articles
Create
cancel
Showing results for 
Search instead for 
Did you mean: 

separating internal / external users

jonker@hitt.nl
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
August 21, 2017

Hi 

Currently we have confluence server for intenal and external data. This prefectly mananged by setting permission on space. Customers and employees can use Confluence and can access the data based on the permission.

However, the company requires anow dditional security for intenal data/users. A user still can have access to confluence with username / password as long as they are on the local network, but need 2 way authentication when they are outside the office.

The 2 way authenitication is possible by setting up a VPN connection to the office network and can use Confluence. But how can I prevent that the account can not access Confluence directly from the internet like the customers can do.

Main idea behind it, when user credentials of our employees are compromised, everybody can have access to our internal data.

I was thinking to install 2 confluence servers, a server for our customers and an internal server. Customers have access to the public server only and internal users have an internal server.

But in this case the data of the external server needs to be transparent in the internal server (e.g. as a space).  So search functionality runs over two servers. Internal users can still see the public information and do not have to login on two different servers

Has somebody any idea how to do this?

Thanks in advance for your support

  

1 answer

0 votes
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
August 23, 2017

Two servers won't solve this problem because there is no cross-server search.  They are separate systems.

You should do this on a network level, not with the applications.  Talk to your network teams about how incoming connections are routed and how best to authenticate people coming in via the different routes.

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events