Internal data flow security

Secure the internal data flow of FTM SWIFT to reduce attack surface and vulnerabilities. To do this:

Use only HTTPS for the browser-based GUI applications (RMA, AO).
Setup of SSL/TLS for IBM® WebSphere® Application Server is described in IBM WebSphere Application Server Knowledge Center - Securing WebSphere MQ connection to WebSphere Application Server.
Use two-way SSL authentication for IBM MQ communications between FTM SWIFT server components. Ensure that two-way SSL authentication is set up between:
- IBM MQ queue managers
- IBM WebSphere Application Server and IBM MQ queue managers
- SAG (MQHA) and IBM MQ queue managers
Use one-way SSL authentication for IBM MQ communications between the Sequential Data Facility and IBM MQ queue managers.

For information about setting up SSL/TLS in IBM MQ, see IBM MQ Knowledge Center.