Methods and systems for secure integration of web and mobile applications with enterprise servers are described. The enterprise servers are accessible via the public Internet, yet communication endpoints of application servers are not exposed to the public Internet. In an embodiment a cloud DMZ server is placed between a web/mobile client and the enterprise. The cloud DMZ server communicates with the enterprise through its firewall (for example via one or more web sockets). In order for the API requests to be made and fulfilled, the enterprise does not need to keep open and inbound port. Because only outbound ports are used on the enterprise side for application layer communication, it is not possible to attack the enterprise in known ways (for example, SYN flood, TCP connect flood, Heartbleed, Poodle, Freak, Logjam, etc.).
展开▼