To minimize the number of open ports in the firewall, use the Rewriter Proxy. When you install the Rewriter Proxy, HTTP requests are redirected to the Rewriter Proxy instead of directly to the destination host. The Rewriter Proxy in turn sends the request to the destination server.
Using the Rewriter Proxy enables secure HTTP traffic between the Gateway and intranet computers and offers two advantages:
If a firewall is between the Gateway and server, the firewall needs to open only two ports. One firewall is between the Gateway and the Rewriter Proxy and another is between the Gateway and the Portal Server.
You can use a third-party proxy to use only one port in the second firewall to read the Rewriter Proxy.
HTTP traffic is now secure between the Gateway and the intranet even if the destination server only supports HTTP protocol (not HTTPS).
You can run multiple Rewriter Proxies to avoid a single point of failure and achieve load balancing.