Configuring secure routing for a DMZ Secure Proxy Server

You can configure the DMZ Secure Proxy Server for IBM® WebSphere® Application Server to route requests statically or dynamically.

Before you begin

Configure your profiles and security properties before you configure routing. See the topic Tuning the security properties for the DMZ Secure Proxy Server for IBM WebSphere Application Server. Decide whether you want to configure static or dynamic routing.

About this task

Static routing is performed by using a flat configuration file. Static routing is considered more secure than dynamic routing. With dynamic routing, requests are routed through a best match mechanism that determines the installed application or routing rule that corresponds to a specific request. The secure proxy server dynamically discovers the best route to a destination and distribute to servers with like protocols.

The secure routing options are:

  • Use static routing with the exportTargetTree command.
  • Use dynamic routing by setting up a core group bridge tunnel. See the topic Configuring communication with a core group that resides on a DMZ Secure Proxy Server.
Avoid trouble Avoid trouble: Because the DMZ secure proxy server resides in a different cell from the application servers, it must be configured to trust the application server cell in order for Secure Sockets Layer (SSL) to work properly. See the third step in this procedure.gotcha

Use the following procedure to configure static or dynamic secure routing.

Procedure


Icon that indicates the type of topic Task topic



Timestamp icon Last updated: March 5, 2017 17:28
File name: tjpx_secrouting.html