Login
Enter your username and password to login. If you do not have a username you can register one.

Username: 
Password: 
Remember Me



Forgotten Password?

Online
2 members and 24 guests have been online with in the last 10 minutes.

Hot Topic
No posts have caught fire as of yet.

JD Edwards® Enterprise One / One World Discussions >> JD Edwards® EnterpriseOne

Pages: 1
gerd_renz3
member


Reged: 04/13/01
Last on: 02/25/14
Posts: 846
Loc: Brazil
E1 and Demilitarized Zone
      #178398 - 07/26/12 06:14 AM

Hi,
I installed E1 E900 in a DMZ (Demilitarized Zone) at a client. The servers are DEPServ, EServ, DBServ and WEBServ. The URL for connection is, for example, http://WEBServ:8083/jde/E1Menu.maf .

As all these servers are NOT visible from outside the DMZ (not by name nor by IP), the client created some URLs like

jde-dv.clientname.com
jde-py.clientname.com
jde-pd.clientname.com

to give access to his users. Now I have two questions:

1. the URL "jde-pd.clientname.com" is accessible from anywhere, even from outside the company. Is this not a security issue to publish the E1 login screen to the world?

2. When I access E1 with the URL "jde-pd/clientname.com" instead of "http://WEBServ:8083/jde/E1Menu.maf", should I expect future problems? Could E1 not reference its original name WEBServ any time, which then will not be visible for the user?

Thanks for any opinion.

Gerd

--------------------
B732 - E8.9, Unix, AS400, Windows, Oracle, SQL, WTS, JAS


Post Extras: Print Post   Remind Me!   Notify Moderator  
gerd_renz3
member


Reged: 04/13/01
Last on: 02/25/14
Posts: 846
Loc: Brazil
Re: E1 and Demilitarized Zone
new [Re: gerd_renz3]       #178439 - 07/27/12 07:25 AM

No answers so far ...

Has anybody seen an E1 installation similar to the one described above?
I am asking because my client claims that is is "state of the art security technology" and does not understand our concerns.

--------------------
B732 - E8.9, Unix, AS400, Windows, Oracle, SQL, WTS, JAS


Post Extras: Print Post   Remind Me!   Notify Moderator  
cdawes
member


Reged: 11/06/00
Last on: 04/17/14
Posts: 985
Loc: Toronto, Ontario, Canada
Re: E1 and Demilitarized Zone
new [Re: gerd_renz3]       #178451 - 07/27/12 02:35 PM

Do you have a sketch you can share?

All that really needs to be done is to put an HTTP server in the DMZ and punbh through just the appropriate holes in the firewall.

The client should also be using SSL.

You can have WAS reference any virtual host name. Really depends on if you're adding a virtual host or doing a redirect.

JDE has a document out there that tells people to do a redirect......this ain't so good and my preference is to add a virtual host. This avoids any visibility into the alternate url's.

Colin

--------------------
Colin Dawes
Chief Technology Office
Syntax.net

Montreal - New York - Toronto - Boston

B73X to EnterpriseOne 9.X
Oracle, SQL Server, DB2/400
AS400, Intel, VMware, Blade, SAN


Post Extras: Print Post   Remind Me!   Notify Moderator  
gerd_renz3
member


Reged: 04/13/01
Last on: 02/25/14
Posts: 846
Loc: Brazil
Re: E1 and Demilitarized Zone
new [Re: cdawes]       #178474 - 07/30/12 12:48 PM

Thanks Colin.

Do you know what this document is called or where I can find it?

I have been looking for something like that but have not found it.

Gerd

--------------------
B732 - E8.9, Unix, AS400, Windows, Oracle, SQL, WTS, JAS


Post Extras: Print Post   Remind Me!   Notify Moderator  
Pages: 1


Extra information
1 registered and 31 anonymous users are browsing this forum.

Moderator:  ekempter, Sef, Christian Audet, jdecnc 

Print Thread

Forum Permissions
      You cannot start new topics
      You cannot reply to topics
      HTML is disabled
      UBBCode is enabled

Rating:
Thread views: 1928

Rate this thread

Jump to

JDELIST Support | Privacy statement JDELIST.com

*
UBB.threads™ 6.4.1

 .: IIP 5.4.5 by David Lozier ©2003 :. 
Distributed by ThreadsDev.com

The legal restrictions and terms of use applicable to this site are available here.
Use of this site signifies your agreement to the terms of use.
JDELIST is NOT affiliated with JD Edwards® & Company, Oracle or Peoplesoft. Contents of this site are neither
endorsed nor approved by JD Edwards® & Company, Oracle or Peoplesoft.

This page best viewed with Netscape 4 or Microsoft Explorer 4 or above in 800 x 600 resolution.