Author Topic: Connection between ODWEK and Library Server.  (Read 1341 times)

jsquizz

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 573
    • View Profile
Connection between ODWEK and Library Server.
« on: September 01, 2021, 08:36:32 AM »
Apologize for the ignorance with the topic, I am not an ODWEK person, at all.

Our ODWEK folks came to us with a question- they want to know what protocol is used by ODWek to communicate with the CMOD servers, and most importantly, whether that protocol is secure.

It is my understanding that TCP/IP is used, and that the connection is secure because ODWEK and the library server, will use the IBM Global Security kit to secure that connection.

Is that accurate? Or am I in left field.

Thanks!
#CMOD #DB2 #AFP2PDF #TSM #AIX #RHEL #AWS #AZURE #GCP #EVERYTHING

rjrussel

  • Full Member
  • ***
  • Posts: 137
    • View Profile
Re: Connection between ODWEK and Library Server.
« Reply #1 on: September 02, 2021, 03:59:12 PM »
Well you could use SSL to connect from ODWEK to CMOD Server if you're aren't already. You are correct though, it is TCP/IP. I would add, there may be many definitions of "secure". Keep in mind, you are typically talking about a connection from two internal servers, not WEB facing environments. In addition, you can lock down this down in other ways as well. For example, only opening specific ports through a firewall.

The point is, there is lot more to consider then just how ODWEK communicates with the CMOD server.

-RR

Justin Derrick

  • IBM Content Manager OnDemand Consultant
  • Administrator
  • Hero Member
  • *****
  • Posts: 2228
  • CMOD Guru for hire...
    • View Profile
    • Tenacious Consulting
Re: Connection between ODWEK and Library Server.
« Reply #2 on: September 08, 2021, 10:41:14 AM »
Without SSL, the CMOD communications aren't secure, merely "obscure".  I've managed to reverse engineer the method used to hide passwords in unencrypted connections.  For systems where there are multiple hops (web browser to web server, web server to CMOD server) they should all use some flavour of SSL/TLS/HTTPS to protect data in transit.

-JD.
IBM CMOD Professional Services: http://TenaciousConsulting.com
Call:  +1-866-533-7742  or  eMail:  jd@justinderrick.com
IBM CMOD Wiki:  https://CMOD.wiki/
FREE IBM CMOD Education & Webinars:  https://CMOD.Training/

Interests: #AIX #Linux #Multiplatforms #DB2 #TSM #SP #Performance #Security #Audits #Customizing #Availability #HA #DR