+

Search Tips   |   Advanced Search

DMZ Secure Proxy Server for IBM WebSphere Application Server administration options

The DMZ Secure Proxy Server for IBM WebSphere Application Server is administered differently than the WebSphere proxy server. The DMZ Secure Proxy Server for IBM WebSphere Application Server is a separate binary installed in the DMZ. Installing the DMZ Secure Proxy Server for IBM WebSphere Application Server in the DMZ requires that administration be managed differently for security reasons. Several administrative options are available for administering the DMZ Secure Proxy Server for IBM WebSphere Application Server to provide different levels of balance between security and usability.

The most secure way to administer the DMZ Secure Proxy Server for IBM WebSphere Application Server is locally . The DMZ Secure Proxy Server for IBM WAS does not have web container. Therefore, local administration can only be done via the command line. Using wsadmins locally to manage the DMZ Secure Proxy Server for IBM WebSphere Application Server is the most secure option available because it does not require any external listening ports to be opened.

The DMZ Secure Proxy Server for IBM WebSphere Application Server configurations can also be managed within the network deployment application server cell and then imported locally using wsadmins. The configurations are maintained inside the cell as configuration only profiles. The profiles are registered with the Admin Agent and are then managed using the console. After you implement any changes to the profile, you export the configuration to a configuration archive (CAR) file using the exportProxyProfile or exportProxyServer wsadmin commands. After you transmit the CAR file to the local DMZ Secure Proxy Server for IBM WebSphere Application Server installation using ftp, the CAR file is imported using the importProxyProfile or importProxyServer wsadmin commands. This option is also considered to be local administration.

Due to security reasons, the number of listening ports on the secure proxy is minimized. We might not be able to manage, start, stop the secure proxy from the admin agent or the job manager remotely when admin security is enabled.


Related concepts

  • WebSphere DMZ Secure Proxy Server for IBM WebSphere Application Server
  • DMZ Secure Proxy Server for IBM WebSphere Application Server start up user permissions
  • DMZ Secure Proxy Server for IBM WebSphere Application Server routing considerations
  • Error handling security considerations for the DMZ Secure Proxy Server for IBM WebSphere Application Server
  • Administrative agent
  • Job manager


    Related tasks

  • Tune the security properties for the DMZ Secure Proxy Server for IBM WebSphere Application Server
  • Administer jobs in a flexible management environment

  • ConfigArchiveOperations (AdminTask)
  • ProxyManagement (AdminTask)