IBM Tivoli Monitoring > Version 6.3 Fix Pack 2 > Installation Guides > Installation Guide > Firewalls

IBM Tivoli Monitoring, Version 6.3 Fix Pack 2


Implementation with firewall gateway

The firewall gateway feature enables additional end-to-end connectivity options for use in environments with specific TCP/IP connection management policies.

The firewall gateway is capable of negotiating multiple firewall hops and network address translation (NAT). It also allows you to configure network traffic so that it is initiated from the more secure network zone.

The Firewall Gateway provides the following functionality:

NAT alone is not a reason to use the firewall gateway, which is content-neutral and can proxy any TCP connection. In most cases, NAT processing is handled by the PIPE protocol (IP.PIPE or IP.SPIPE), which can be used without the firewall gateway. Use the gateway when you have any of the following scenarios:

In the context of firewalls, the server and client relationship can best be described in terms of upstream and downstream. Those entities that open a socket to listen for requests are at the upstream or server end. Those entities connecting to the server are at the downstream or client end. Using one or more relay configurations, logical connection requests flow from a listening downstream server proxy interface, and terminate in an outbound connection from an upstream client proxy interface to a listening server. Intermediate relay configurations consist of an upstream relay interface containing at least one downstream relay interface.


Parent topic:

Firewalls

+

Search Tips   |   Advanced Search