InfoCenter Home >
7: Multimachine management >
7.1: Using WebSphere Application Server in a multimachine environment >
7.1.3: Multimachine topologies >
7.1.3.6: HTTP server separation sample topologies
7.1.3.6: HTTP server separation sample topologies
These topologies physically separate the Web (HTTP) server from the application
servers, placing the Web server on a different machine in the configuration.
Compared to a configuration where the Web server and the application servers are located
on the same physical server, separating the Web server can improve application
performance, provide better fault isolation, and enhance security. These topologies
are often used with firewalls to create a secure demilitarized zone (DMZ) surrounding the
Web server.
WebSphere Application Server provides alternatives for physically separating the HTTP
server from the application server:
- HTTP transport configurations
- Reverse proxy (IP forwarding) configurations
- Open Servlet Engine (OSE) configurations, including remote and semi-remote OSE
- Thick servlet redirector configurations
- Thick servlet redirector with administrative-agent configurations
- Thin servlet redirector configurations
These system topologies are described in more detail in the articles in this section.
The following table summarizes the advantages and disadvantages of each of these
configurations. The criteria are explained after the table.
Topology |
SSL |
Database password required? |
WLM |
NAT |
Performance |
Administration |
Remote OSE |
No |
No |
Yes |
Yes |
High |
Manual |
Semi-remote OSE |
No |
No |
Yes |
Yes |
Medium |
Manual |
Reverse proxy |
Yes |
No |
No |
Yes |
High |
Manual |
Thick servlet redirector |
Yes |
Yes |
Yes |
No |
Medium |
Automated |
Thick servlet redirector with administrative agent |
Yes |
No |
Yes |
No |
Medium |
Automated |
Thin servlet redirector |
Yes |
No |
Yes |
No |
Medium |
Manual |
- SSL. Supports Secure Sockets Layer (SSL) security.
- Database password required? Requires a database user ID and
password to be stored on the machine for use by the database processes.
- WLM. Uses the WebSphere workload management service to balance client
workloads.
- NAT. Supports Network Address Translation (NAT) firewalls. NAT
firewalls receive packets for one IP address, translate the headers of the packets, and
send the packets to a second IP address.
- Performance. Compares the relative performance of each of these
configurations.
- Administration. Specifies whether the configuration must be
administered manually or can be administered through the Administrative Console. This
gives you a basis to compare the relative difficulty of administering each configuration.
|
|