Much of the security functionality offered by WebSphere® DataPower® XC10 Appliance is
built into the construction of the appliance. Additional security
settings are included to provide additional security options for your
environment.
About this task
To increase the security coverage of the appliance, you can
configure several options that exist to control the user behavior.
Procedure
- Navigate to the Settings panel. To manage your security options, navigate to the Settings panel
using one of the following methods:
- From the menu bar at the top of the WebSphere DataPower XC10 Appliance user
interface, navigate to .
- From the Welcome page, click the Customize
settings link in the Step 1: Set up the appliance section.
- Expand Security.
- Set your security permissions.
- Set the Allow new users to create their own
accounts field. The default value for this
field is Disabled. This field specifies if a user is able to
create their own account. When this field is Enabled, a Register button
appears on the login screen. See Registering a new user account for more details on self user
registration.
- Set the Allow password reset from the serial console field. The default value for this field is Disabled.
Disabled: Make
sure that you configure an SMTP server and an email address for the xcadmin user.
These configurations ensure that if the xcadmin password
is lost, then there is a way to reset the password. If this field
is disabled and these configurations are not made, then it is impossible
to reset a lost xcadmin password
and the appliance must be returned to IBM for
remanufacturing.
Enabled: You can reset the password
for the xcadmin user
using a serial connection without any other credentials required and
without an SMTP message. If this option is selected, the physical
access to your WebSphere DataPower XC10 Appliance is
even more important than typical. With physical access to the machine,
any user is able to gain administrator access to the appliance.
- Configure your appliance to authenticate users with a Lightweight
Directory Access Protocol (LDAP) directory. For more information
about configuring your appliance to authenticate using with an LDAP
directory, see Configuring your appliance to authenticate users with an LDAP directory.
Results
After successfully completing these steps, you have specified
how the appliance handles certain security-related scenarios and whether
external authentication is used for access to the
user interface.
What to do next
Configure users and groups to provide access to the user
interface. You also use users and groups to provide access to data
grids.