Done? | Task | Notes | ||
Install an Integration Server in your DMZ to be your Enterprise Gateway Server | When you identify an Integration Server to be an Enterprise Gateway Server, keep in mind that any external client on the Internet can access this server. Therefore, be very security conscious about the services you make available and the users you define. Do not perform development work on this server and do not set up users or groups on it.
| |||
Disable the Developer and Replicator users | You will not need these users on an Enterprise Gateway Server. Disabling these users prevents someone from gaining access to your Enterprise Gateway Server through them. For more information, see Disabling and Enabling Users. | |||
Configure the Enterprise Gateway external port | For instructions, see Configuring the
Enterprise Gateway Ports.
| |||
Configure the Enterprise Gateway registration port | For instructions, see Configuring the
Enterprise Gateway Ports. If you are going to set up an encrypted connection between the Internal Server and Enterprise Gateway Server, you can optionally store a certificate for the Internal Server’s administrator user on Enterprise Gateway Server. For more information, see Importing a Certificate (Client
or CA Signing Certificate) and Mapping It to a User. Optional (but strongly recommended). Set up IP address filtering on the registration port so that only the Internal Server can connect to Enterprise Gateway Server. This step provides an additional layer of protection to supplement the IP address filtering performed by your firewall and the user authentication.
For more information, see Restricting IP Addresses that Can Connect
to a Port. | |||
Connect your Internal Server to Enterprise Gateway Server | For instructions, see Connecting Your Internal Server to an
Enterprise Gateway Server . |