Topic
  • 3 replies
  • Latest Post - ‏2012-10-03T17:02:32Z by SystemAdmin
SystemAdmin
SystemAdmin
6772 Posts

Pinned topic Preventing parters from connecting into DMZ device

‏2012-10-02T19:32:20Z |
Hi,

We are implementing a service in datapower in our DMZ device so it can be opened to our partners. We, however, do not want to open the service to some partners. Is there a way in datapower to not allow a request to go thru if it is a certain URL?

Thanks
Updated on 2012-10-03T17:02:32Z at 2012-10-03T17:02:32Z by SystemAdmin
  • kenhygh
    kenhygh
    1611 Posts

    Re: Preventing parters from connecting into DMZ device

    ‏2012-10-02T19:49:47Z  
    Presumably, if it's in your DMZ, you're doing some kind of AAA. Just don't authorize the partners you don't want to let through.

    Ken
  • swlinn
    swlinn
    1348 Posts

    Re: Preventing parters from connecting into DMZ device

    ‏2012-10-02T21:20:34Z  
    By "partners", can I assume you are taking about a B2B appliance? If so, your partner profiles will specify where to get the partner id. The B2B Service references the partner profiles it will support, so only specify the partner profiles you wish and the others will be rejected. If not B2B, then as Ken mentioned, sounds like you need a AAA action to authenticate your partner.

    Regards,
    Steve
  • SystemAdmin
    SystemAdmin
    6772 Posts

    Re: Preventing parters from connecting into DMZ device

    ‏2012-10-03T17:02:32Z  
    • swlinn
    • ‏2012-10-02T21:20:34Z
    By "partners", can I assume you are taking about a B2B appliance? If so, your partner profiles will specify where to get the partner id. The B2B Service references the partner profiles it will support, so only specify the partner profiles you wish and the others will be rejected. If not B2B, then as Ken mentioned, sounds like you need a AAA action to authenticate your partner.

    Regards,
    Steve
    Right, it's not a B2b device. The LDAP / TAM team does not want to create too many groups, so I was asked what other options we had.