When creating a DMZ Secure Proxy Server for IBM® WebSphere® Application Server, default
security levels of high, medium and low are available. In addition to the predefined configuration
levels, you can modify the security settings for your DMZ Secure Proxy Server for IBM WebSphere Application Server. When you choose to customize the
settings, a qualitative value of high, medium or low is still assigned to inform you of the overall
security level of your DMZ Secure Proxy Server for IBM WebSphere Application Server.
Deprecated feature: DMZ Secure Proxy Server is
deprecated.
Before you begin
A DMZ Secure Proxy Server for IBM WebSphere Application Server must be installed before
these steps can be completed. The DMZ Secure Proxy Server for IBM WebSphere Application Server
profile must be registered with the AdminAgent for this panel to be available.
About this task
Installing the DMZ Secure Proxy Server for IBM WebSphere Application Server in the DMZ
rather than the secured zone presents new security challenges. The DMZ Secure Proxy Server for IBM WebSphere Application Server has been equipped with various
capabilities to provide protection for meeting these challenges. It addition to the predefined
security configurations for your DMZ Secure Proxy Server for IBM WebSphere Application Server you
can also tune the settings to customize the protection.
Procedure
- Click to open up the Proxy security
settings panel.
- Choose your administration option for your DMZ Secure Proxy Server for IBM WebSphere Application Server.
- Choose your routing option for your DMZ Secure Proxy Server for IBM WebSphere Application Server.
- Static routing - Security level: high
- Dynamic routing - Security level: low and medium
- Choose your startup permission option for your DMZ Secure Proxy Server for IBM WebSphere Application Server.
- Run as an unprivileged user - Security level: medium and high
- Run as privileged user - Security level: low
- Optional: If Run as an unprivileged user is selected, enter the user name or
the user group whose identity the server should assume after startup has completed.
- Choose your custom error page policy option for your DMZ Secure Proxy Server for IBM WebSphere Application Server.
- Local error page handling - Security level: high
If you choose to use local error page
handling, you need to select which error responses should use custom error messages. Select Handle
local errors for responses generated by the proxy server and select Handle remote errors for
responses generated by the backend server. Both options may be selected to use custom error messages
for local and remote errors. Manage your error code mappings to determine the custom error pages to
be used for specific responses.
- Remote error page handling - Security level: low and medium
If you choose to use remote error
page handling to include custom errors, you need to select which error responses should be
customized. Select Handle local errors for responses generated by the proxy server and select Handle
remote errors for responses generated by the backend server. Both options may be selected to use
custom error messages for both local and remote errors. Manage the headers that should be sent to
the custom error application and what status codes are to be recognized as errors.
Results
You have finished customizing the security settings for your DMZ Secure Proxy Server for IBM WebSphere Application Server. A qualitative value of high, medium or
low has been calculated based on the settings you have chosen to demonstrate the Current DMZ
Security level.