Use an Enterprise Gateway Server to intercept requests from external clients before passing the requests to your Integration Server. This allows you to isolate Integration Server behind an internal firewall.

Require clients to present valid credentials (i.e., user name and password or a client certificate) to authenticate a connection.

Authorize access to individual services by user groups, through use of Access Control Lists (ACLs) that you associate with a service. For the greatest security, associate all services with an ACL.

Provide transport-level security through Secure Sockets Layer (SSL), and message-level security for web services through WS-Security.

Digitally sign documents and verify digital signatures.

Control access to services based on the port through which a service request is received.

Restrict who can access Integration Server Administrator, and who can use Software AG Designer to connect to the Integration Server.

Require clients to present valid user names (with passwords) that have Administrator privileges before allowing access to the Integration Server Administrator functions.

Simplify security administration by storing Integration Server SSL certificates and private keys in industry-standard keystore files.

Allow different client certificates to be used for different connections.

Follow all vendor recommendations for secure configuration.

Remove unnecessary network services that may contain security flaws, such as telnet.

Regularly check for and install updates and patches from the operating system vendor that might affect security.