Den, Most environments I've been involved with have the Remedy Application server and associated Database server on separate physical boxes on the corporate (private) LAN behind a firewall. The MidTier is installed on yet another physical box on a DMZ drop with exposure to the Internet (on the other side of the firewall). Firewall rules are created to allow traffic between the MidTier and the Application server.
I don't have any experience myself encrypting the connection between the MidTier and the Application server, but assume it can be done from prior messages on the List. As far as securing the connection between remote clients and the MidTier, this is web server dependent and BMC offers little assistance on implementing SSL certificates on your web server of choice. It is just a matter of leafing through web server documentation (e.g. Apache, Tomcat, IIS) with regards to how to implement SSL and/or requiring client certificates. HTH, Ben ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Den Fong Sent: Thursday, October 18, 2007 8:25 AM To: [email protected] Subject: Remedy Application on the Web I just want to clarify the issue about placing the Remedy app on the web. We need to make the connection as secure as possible, it was proposed to proxy into our internal system where the Remedy application would sit. So would a better solution be put a mid-tier instance out in the environment and have the mid-tier connect into the corp system? Is there any other security best practices that can be used on the Remedy server/application itself? TIA Den __20060125_______________________This posting was submitted with HTML in it___ _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are"
