InfoCenter Home >
7: Multimachine management >
7.1: Using WebSphere Application Server in a multimachine environment >
7.1.3: Multimachine topologies >
7.1.3.6: HTTP server separation sample topologies

7.1.3.6: HTTP server separation sample topologies

These topologies physically separate the Web (HTTP) server from the application servers, placing the Web server on a different machine in the configuration. Compared to a configuration where the Web server and the application servers are located on the same physical server, separating the Web server can improve application performance, provide better fault isolation, and enhance security. These topologies are often used with firewalls to create a secure demilitarized zone (DMZ) surrounding the Web server.

WebSphere Application Server provides alternatives for physically separating the HTTP server from the application server:

  • HTTP transport configurations
  • Reverse proxy (IP forwarding) configurations
  • Open Servlet Engine (OSE) configurations, including remote and semi-remote OSE
  • Thick servlet redirector configurations
  • Thick servlet redirector with administrative-agent configurations
  • Thin servlet redirector configurations

These system topologies are described in more detail in the articles in this section.

The following table summarizes the advantages and disadvantages of each of these configurations. The criteria are explained after the table.

Topology SSL Database password required? WLM NAT Performance Administration
Remote OSE No No Yes Yes High Manual
Semi-remote OSE No No Yes Yes Medium Manual
Reverse proxy Yes No No Yes High Manual
Thick servlet redirector Yes Yes Yes No Medium Automated
Thick servlet redirector with administrative agent Yes No Yes No Medium Automated
Thin servlet redirector Yes No Yes No Medium Manual
  • SSL. Supports Secure Sockets Layer (SSL) security.
  • Database password required? Requires a database user ID and password to be stored on the machine for use by the database processes.
  • WLM. Uses the WebSphere workload management service to balance client workloads.
  • NAT. Supports Network Address Translation (NAT) firewalls. NAT firewalls receive packets for one IP address, translate the headers of the packets, and send the packets to a second IP address.
  • Performance. Compares the relative performance of each of these configurations.
  • Administration. Specifies whether the configuration must be administered manually or can be administered through the Administrative Console. This gives you a basis to compare the relative difficulty of administering each configuration.
Go to previous article: Horizontal scaling with Network Dispatcher sample topologies (horizontal scaling and DMZ) Go to next article: Remote OSE sample topology

 

 
Go to previous article: Horizontal scaling with Network Dispatcher sample topologies (horizontal scaling and DMZ) Go to next article: Remote OSE sample topology