This section summarizes the practices that can help to ensure a secure environment. The following topics are covered:
Ensure security on InterChange Server:
Use System Manager to set a new password as soon as possible after installing the product. Refer to the instructions in "Changing the InterChange Server password"..
Make sure that the account with which you log in when administering the WebSphere business integration system has administrator privileges.
You must have administrator privileges to install and run many of the products that the InterChange Server software uses, such as the DBMS, WebSphere MQ, and JDBC drivers. Without these privileges, you cannot set up and start the product.
HA |
---|
For high availability, make sure the Domain user account has administrator privileges on each machine in the cluster. |
To check the privileges of a user login follow these steps:
If your account is not in the Administrator group, create a new user following the instructions in "Creating the InterChange Server Administrator account" or "Creating the Domain user for high availability", or ask your Windows system administrator for help.
To protect the ProductDir folder and all directories and files under it, check sharing settings and permissions for the folder:
To provide database protection, make sure that the data sources specified in the InterChange Server configuration file are dedicated to InterChange Server and have only one user defined.
Isolate the repository, event management information, transaction data, and flow monitoring information from other functions within the database server, and make sure there is only one user for each database. This setup makes it easier to control database logins and to ensure that unauthorized users cannot view sensitive information stored in the repository.
Turn on the role-based access control (RBAC) in the System Manager and use the User/Roles Management View to create roles and assign each user to one of these roles. Use the Security Policy View to assign the correct permissions and privileges to each role and users within the that role. RBAC limits access to the ICS system to specific users and controls user privileges within the system. RBAC enables the WebSphere business administrator to readily create roles (with varying permission) into one of which each user can be easily assigned.
For more information about RBAC see the WebSphere InterChange Server: System Administration Guide.