Advanced Message Security interception on message channels
Advanced Message Security (AMS) interception provides an additional option of security policy protection (SPLPROT) to sender, server, receiver, and requester channels, allowing you to support AMS and to communicate with business partners who do not support AMS.
Taking the example of a clearing house communicating with a bank, Figure 1 shows that, without AMS interception, both sides of the system need to support AMS.
A key benefit of the AMS interception option is, that if your enterprise has AMS configured, and not all of the business partners support AMS, we can remove protection from outbound messages and protect inbound messages on channels to and from those business partners that do not support AMS.
Using the example of a clearing house and banks, this scenario is shown in Figure 2, where there is a message flow between the clearing house, banks, and business partners where some institutions have AMS, and others do not.
Typically the channels are TLS enabled.
However, there might be a case where some banks and business partners do not support AMS, and there is a requirement to be able to exchange messages between all banks and business partners. This scenario is shown in Figure 3
- AMS interception on server-to-server message channels
Server-to-server message channel interception provides a means to control if messages should have any applicable Advanced Message Security (AMS) policies applied to them, when sender type message channel agents get messages from transmission queues, and receiver type message channel agents put messages to target queues.
Parent topic: Overview of Advanced Message Security
Related information