Communication
TCP/IP is used for communication between the Financial Transaction Manager components.
Examples of the communication that is used by the different components are shown in the following list:
- Communication between the browser where Operations and Administration Console (OAC) is running and the WebSphere® Application Server instances.
- Middleware communication, which includes the following examples:
  - WebSphere Application Server intercommunication.
  - Db2® database access.
  - IBM® MQ messaging access.
  - IBM App Connect Enterprise access.
Securing the communication
You need to consider encrypting communication when you are concerned that the communication might be intercepted. Depending on your deployment, the components can be either colocated or physically distributed, which can influence whether encryption is necessary or not. OAC users are normally not colocated, so you probably want to enforce encryption.
For communication that you want to secure, consider the following options:
- Disable non-secure ports. For example, disable the HTTP ports.
- Limit your communication protocols to the more secure protocols. For example, disable Secure Sockets Layer (SSL), and perhaps Transport Layer Security (TLS) V1.0.
- Limit the encryption cipher suites that are allowed to be used.
- Enforce a network policy that limits the communication on the ports between the OAC, database, and IBM MQ.
- For server-to-server communications, you might want to consider the use of mutual TLS (mTLS). Mutual TLS is also known as client/server authentication.
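The protocol, cipher suite, and mTLS options from the list above, applied to a generic TLS endpoint with Python's `ssl` module and then checked by a small audit. This is an added example, not Financial Transaction Manager configuration or IBM code. The function names, the TLS 1.2 floor, and the cipher string are assumptions chosen for illustration.

```python
import ssl

AEAD_MARKERS = ("GCM", "CHACHA20")  # assumed policy: AEAD suites only

def hardened_server_context():
    """Server-side context with the three options applied (no certificates loaded)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2    # rejects SSL, TLS 1.0, TLS 1.1
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20")  # TLS 1.2: forward secrecy + AEAD
    ctx.verify_mode = ssl.CERT_REQUIRED             # mTLS: client must present a cert
    # A real server also calls ctx.load_cert_chain(...) and
    # ctx.load_verify_locations(...) with its own key, certificate and CA files.
    return ctx

def permissive_server_context():
    """Constructed counter-example: protocol floor removed, no client authentication."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
    return ctx

def weak_cipher(name):
    """True when a suite name falls outside the assumed policy."""
    if name.startswith("TLS_"):  # TLS 1.3 suite names; all are AEAD
        return False
    forward_secret = name.startswith(("ECDHE-", "DHE-"))
    aead = any(marker in name for marker in AEAD_MARKERS)
    return not (forward_secret and aead)

def audit(ctx, require_client_cert=True):
    """Return one finding per option from the list that the context does not meet."""
    findings = []
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("protocol: versions below TLS 1.2 are accepted")
    weak = sorted(c["name"] for c in ctx.get_ciphers() if weak_cipher(c["name"]))
    if weak:
        findings.append("ciphers: " + ", ".join(weak))
    if require_client_cert and ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("mtls: client certificate is not required")
    return findings

if __name__ == "__main__":
    for label, ctx in (("permissive", permissive_server_context()),
                       ("hardened", hardened_server_context())):
        print(label, audit(ctx) or "no findings")
```

Pass `require_client_cert=False` for browser-facing endpoints such as the OAC, where users typically do not hold client certificates.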