Security, WebSphere Adapter for Email

IBM BPM, V8.0.1, All platforms > Authoring services in Integration Designer > Services and service-related functions > Access external services with adapters > Configure and using adapters > IBM WebSphere Adapters > Email > Plan for adapter implementation
Security

WebSphere Adapter for Email supports user name and password authentication methods of Java™ 2 as implemented in J2C. By supporting authentication, the adapter provides protection for sensitive user data in log and trace files. Java 2 has other security methods, such as Kerberos, which is not supported. The authentication details are configured using the external service wizard. Secure Sockets Layer (SSL) can be configured to protect the integrity of information being passed between the mail server and the adapter and, for users who require it, the adapter can be configured to run in support of the Federal Information Processing Standard (FIPS) 140.

Antivirus software

If an antivirus program is running on your system (the system on which the adapter is deployed or the one that hosts the mail server), the adapter might fail to send outbound emails. It happens because some types of antivirus software have auto protection turned on for Internet email protection. When auto protection is turned on, the antivirus software might treat open connections to a mail server as malicious attacks and block all emails using that connection. Because the adapter maintains the connections to the mail server in the pool, it does not close any of the connections. It might result in the antivirus program blocking all email from the adapter.
By default, the Select when antivirus or firewall software is running check box in the connection properties window of the external service wizard is selected. This means that the adapter will close the connection after each outbound request.

Support for protecting sensitive user data in log and trace files

You can configure the adapter to prevent sensitive or confidential data, in the log and trace files, from being viewed by users without authorization.
Configure Secure Socket Layers
Data that travels across a network can be intercepted by third parties. When this data includes private information such as passwords or credit card numbers, steps must be taken to make this data unintelligible to unauthorized users. Using Secure Sockets Layer (SSL), you protect the integrity of information passed between the mail server and the adapter.
Configure the module for federal information processing standard 140
The Federal Information Processing Standard 140 (FIPS) is a United States government standard for cryptographic features like encryption, decryption, hashing (message digests), Secure Sockets Layer, Transport Layer Security, Internet Protocol security, Secure Shell, signatures, key exchange, and key or certificate generation used in software products and modules. For users working with the United States government who must conform to the FIPS standard, the adapter can be configured to run in FIPS mode.

Plan for adapter implementation

Previous topic: Before you begin

Next topic: Required folders for inbound processing