In a typical DMZ architecture, there is a desire to have the minimal number of components available within the zone and not have any components that could compromise the enterprise. One possible DMZ architecture is that the DMZ only contains the necessary APICasts and the Developer Portal for signup workflows.
We believe that the Developer Portal can only be deployed with the Admin Portal, making it difficult to deploy this architecture. Having the Admin Portal in the DMZ is a risk because if it is compromised, information can be gathered on the backend environments, as well as changes to policies/rate limits/etc.
The intent of this RFE is to ask for the Developer Portal be decoupled from the Admin Portal so that we can deploy the portals in a separate environments.
In addition, any reference DMZ architecture documentation is appreciated.