Install an Integration Server in your DMZ to be your Enterprise Gateway Server

When you identify an Integration Server to be an Enterprise Gateway Server, keep in mind that any external client on the Internet can access this server. Therefore, be very security conscious about the services you make available and the users you define.

Do not perform development work on this server and do not set up users or groups on it.

Disable the Developer and Replicator users

You will not need these users on an Enterprise Gateway Server. Disabling these users prevents someone from gaining access to your Enterprise Gateway Server through them. For more information, see Disabling and Enabling User Accounts.

Configure the Enterprise Gateway external port

For instructions, see Configuring the Enterprise Gateway Ports.

Configure the Enterprise Gateway registration port

For instructions, see Configuring the Enterprise Gateway Ports.

If you are going to set up an encrypted connection between the Internal Server and Enterprise Gateway Server, you can optionally store a certificate for the Internal Server’s administrator user on Enterprise Gateway Server. For more information, see Importing a Certificate (Client or CA Signing Certificate) and Mapping It to a User.

Optional (but strongly recommended). Set up IP address filtering on the registration port so that only the Internal Server can connect to Enterprise Gateway Server. This step provides an additional layer of protection to supplement the IP address filtering performed by your firewall and the user authentication.

For more information, see Restricting IP Addresses that Can Connect to a Port.

Connect your Internal Server to Enterprise Gateway Server

For instructions, see Connecting Your Internal Server to an Enterprise Gateway Server .

Set values for the server configuration properties for Enterprise Gateway and Internal Server

Set values for or verify that the defaults for the following server configuration properties are suitable for your situation: