Secure production deployment of B2B solutions using WebSphere business integration connect
Many business-to-business (B2B) deployments are unsuccessful due to the lack of proper planning prior to installing and configuring the software solution. Also, it is often forgotten that implementing a B2B solution has implications for the overall IT infrastructure. Network security, network availa...
| Autor principal: | |
|---|---|
| Formato: | Libro electrónico |
| Idioma: | Inglés |
| Publicado: |
Research Triangle Park, N.C. :
IBM Corp., International Technical Support Organization
c2005.
|
| Edición: | 1st ed |
| Colección: | IBM redbooks.
|
| Materias: | |
| Ver en Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009755118406719 |
Tabla de Contenidos:
- Front cover
- Contents
- Figures
- Tables
- Notices
- Trademarks
- Preface
- The team that wrote this redbook
- Become a published author
- Comments welcome
- Part 1 Preparing for a B2B project
- Chapter 1. Overview
- 1.1 The business of B2B
- 1.1.1 Business requirements
- 1.2 Book layout
- 1.2.1 Part 1. Preparing for a B2B project
- 1.2.2 Part 2. Managing a B2B project
- 1.2.3 Part 3. Implementing a B2B solution
- 1.3 B2B deployment methodology overview
- Chapter 2. Introducing WebSphere Business Integration Connect
- 2.1 Features of WebSphere Business Integration Connect
- 2.2 WebSphere Business Integration Connect Architecture
- 2.2.1 Runtime components
- 2.2.2 Configuration components
- 2.2.3 Profile management
- 2.3 B2B features and standards
- 2.3.1 Transport options
- 2.3.2 Messaging protocol options
- 2.3.3 Business document formats
- 2.3.4 Security options in WebSphere Business Integration Connect
- 2.4 Integration options
- Chapter 3. Aspects of security
- 3.1 Overview
- 3.2 Areas of B2B security
- 3.2.1 Deployment security
- 3.2.2 Connection security
- 3.2.3 Document security
- 3.2.4 Access control
- 3.3 Security technologies
- 3.3.1 Reverse proxy server
- 3.3.2 Firewalls
- 3.3.3 Network Address Translation
- 3.3.4 Port Address Translation
- Chapter 4. Implementation topologies
- 4.1 Deployment overview
- 4.1.1 WebSphere Business Integration Connect components
- 4.1.2 Database
- 4.1.3 WebSphere MQ
- 4.1.4 Firewalls and Proxies
- 4.2 Distributed-Dual DMZ, Reverse Proxy with Failover
- 4.2.1 Deployment considerations
- 4.2.2 Inbound data flow
- 4.2.3 Outbound data flow
- 4.2.4 Pros
- 4.2.5 Cons
- 4.2.6 Variations of the reverse proxy scenario
- 4.3 Distributed-Single DMZ
- 4.3.1 Deployment considerations
- 4.3.2 Inbound data flow
- 4.3.3 Outbound data flow
- 4.3.4 Pros.
- 4.3.5 Cons
- 4.3.6 Variations of the Single DMZ Scenarios
- Part 2 Managing a B2B project
- Chapter 5. Introduction to B2B projects
- 5.1 B2B deployment methodology overview
- 5.1.1 Knowledge transfer and training
- 5.1.2 Discovery
- 5.1.3 Planning
- 5.1.4 Installation
- 5.1.5 Customization
- 5.1.6 Testing
- 5.1.7 Production deployment
- 5.1.8 Partner ramping
- 5.1.9 Support
- 5.2 B2B project scenario overview
- 5.2.1 Overview of Company E
- 5.2.2 Business environment
- 5.2.3 Technical environment
- 5.2.4 Organizational challenges
- 5.2.5 New business strategy
- 5.2.6 Current projects
- Chapter 6. Project Espresso: Discovery phase
- 6.1 Company E discovery overview
- 6.1.1 Task review
- 6.2 B2B deployment assessment
- 6.2.1 Project Expresso deployment assessment agenda
- 6.2.2 Project Expresso deployment assessment presentation
- 6.3 Roles and responsibilities
- 6.4 Assessment meeting results
- 6.4.1 Business objectives
- 6.4.2 Technical environment review
- 6.4.3 Community profile
- 6.4.4 Data flow and integration
- 6.4.5 Environment, architecture and implementation discussion
- 6.5 Requirements and scope document
- Chapter 7. Project Espresso: Planning phase
- 7.1 Company E planning overview
- 7.1.1 Task review
- 7.2 Requirements and follow-up meetings
- 7.3 Project plan
- 7.4 Installation and deployment plan
- 7.4.1 Firewall configuration plan
- 7.4.2 Reverse proxy configuration plan
- 7.4.3 Load balancer configuration plan
- 7.4.4 WebSphere MQ configuration
- 7.4.5 Database loader deployment plan
- 7.4.6 Product installation deployment plan
- 7.4.7 Product configuration plan
- 7.4.8 Community manager configuration plan
- 7.4.9 Community participant configuration plan
- 7.4.10 Certificate deployment plan
- 7.5 Testing plan
- 7.6 Training plan
- 7.7 Support plan.
- 7.7.1 How to discover or detect problems with transactions
- 7.7.2 How to report problems
- 7.7.3 How to resolve reported problems
- 7.7.4 How to maintain the system
- Chapter 8. Project Espresso: Testing phase
- 8.1 Testing overview
- 8.1.1 Task review
- 8.2 Test plan review
- 8.3 Execute the Test Plan
- 8.4 Performance testing
- 8.4.1 Performance concepts
- 8.4.2 Performance tuning
- 8.4.3 WebSphere Business Integration Connect sizing
- Chapter 9. Project Espresso: Production deployment phase
- 9.1 Production Deployment overview
- 9.1.1 Task review
- 9.2 Review the deployment plan
- 9.3 Create production environment
- 9.4 Verify component installation
- Chapter 10. Project Espresso: Partner ramping phase
- 10.1 Company E Partner Ramping overview
- 10.1.1 Task review
- 10.2 Trading partner review
- 10.3 Trading Partner ramping process
- 10.4 Trading Partner ramping plan
- Chapter 11. Project Espresso: Support phase
- 11.1 Company E Support overview
- 11.1.1 Task review
- 11.2 Ramping support
- 11.3 Monitoring and support best practices
- 11.3.1 Alerts
- 11.3.2 Monitoring
- 11.3.3 Debugging
- 11.3.4 JACL scripts
- 11.3.5 Console configuration
- 11.3.6 Profile configuration
- 11.3.7 Disaster recovery
- 11.3.8 Archive process
- 11.3.9 Logs
- 11.3.10 Data security
- 11.4 Support process and issue resolution
- Part 3 Implementing a B2B solution
- Chapter 12. Validating the environment
- 12.1 Create a validation checklist
- 12.2 Validate hardware and operating system
- 12.3 Validate network
- 12.4 Verifying software levels
- 12.4.1 Verifying DB2
- 12.4.2 Verifying WebSphere MQ
- 12.4.3 Enabling DB2 stored procedures
- 12.5 Review validation results
- Chapter 13. Implementing a firewall
- 13.1 Network services and vulnerability
- 13.1.1 Minimizing security risk: Introducing the firewall.
- 13.2 Introduction to firewall
- 13.3 Firewall types
- 13.4 Functional components of a firewall
- 13.4.1 Packet-filtering router
- 13.4.2 Application-level gateway
- 13.4.3 Network Address Translation
- 13.5 Firewall architecture
- 13.5.1 Packet filtering firewall
- 13.5.2 Dual-homed gateway firewall
- 13.5.3 Screened host firewall
- 13.5.4 Screened subnet firewall
- 13.6 Implementing firewalls in our B2B solution
- 13.6.1 Firewall1
- 13.6.2 Firewall2
- 13.6.3 Firewall3
- 13.7 Limitations of a firewall
- Chapter 14. Implementing a proxy server
- 14.1 Overview of proxy servers
- 14.2 Reverse proxy
- 14.3 Discussing the data flow
- 14.4 Configuring the IBM HTTP server as reverse proxy
- 14.4.1 Create an administrator user ID and password
- 14.4.2 Configure the IBM HTTP server
- 14.5 Validating the reverse proxy
- 14.6 Using IBM HTTP Server V2.x as reverse proxy
- Chapter 15. Deploying the solution
- 15.1 Overview
- 15.2 Software installation
- 15.2.1 Adding user accounts on the DB2 server
- 15.2.2 Installing database schema
- 15.2.3 WebSphere MQ configuration
- 15.2.4 Installing the DB2 Client
- 15.2.5 Installing WebSphere MQ Client and JMS libraries
- 15.2.6 Installing the common share files
- 15.2.7 Adding a Windows user ID and group
- 15.2.8 Installing the Document Manager
- 15.2.9 Installing the Community Console
- 15.2.10 Installing the receiver
- 15.3 Initial server configuration
- 15.4 Hub configuration
- 15.4.1 Create targets
- 15.4.2 Create interactions
- 15.4.3 Create community manager
- 15.4.4 Create community participant
- 15.5 Community Manager configuration
- 15.5.1 Create a gateway
- 15.5.2 Provide B2B capabilities
- 15.6 Community Participant configuration
- 15.7 Configure participant connection
- Chapter 16. Implementing a load balancer
- 16.1 Load balancing overview.
- 16.1.1 WebSphere Edge Server
- 16.1.2 Load balancer
- 16.2 Load balancing using Media Access Control (MAC) forwarding
- 16.2.1 How it works
- 16.2.2 Overall solution design
- 16.2.3 Load balancing deployment design
- 16.3 Install WebSphere Edge Server Network Dispatcher
- 16.4 Configure Network Dispatcher for load balancing
- 16.4.1 Start Network Dispatcher
- 16.4.2 Configure Network Dispatcher with the Dispatcher GUI
- 16.4.3 Configuring the cluster IP address on the network adapter
- 16.4.4 Aliasing the cluster address on the load-balancing servers
- 16.5 Validate the load balancing environment
- 16.6 IP session affinity
- 16.7 Access the components
- Chapter 17. Troubleshooting the deployment
- 17.1 Configuration issues for multihomed servers
- 17.2 Execution issues
- 17.2.1 System log files
- 17.2.2 Analyze traffic on your network
- 17.2.3 Reprocessing failed events and business documents
- 17.3 Performance Issues
- 17.3.1 Increase the Receiver timeout setting
- 17.3.2 Insufficient virtual memory for DB2 agents
- 17.3.3 Optimizing database query performance
- 17.3.4 Avoiding out-of-memory errors
- 17.3.5 Avoid long processing time on large, encrypted AS documents
- Chapter 18. Implementing HTTPS
- 18.1 Overview of SSL and the SSL handshake
- 18.2 SSL data flow
- 18.3 Firewall changes
- 18.3.1 Validating the firewalls
- 18.4 Configuring the IBM HTTP Server 1.3.x for SSL
- 18.4.1 Create a key store file
- 18.4.2 Generate a self-signed certificate
- 18.4.3 Configure the IBM HTTP Server for SSL
- 18.4.4 Validating the reverse proxy
- 18.5 Using IBM HTTP Server V2.x as a reverse proxy
- 18.6 Establishing trust from the proxy server to the Console
- 18.6.1 Validating the reverse proxy
- 18.7 Enforcing SSL connections to the Community Console
- 18.7.1 Validating the changes
- 18.8 SSL with Load Balancer.
- 18.8.1 Configuring the Cluster IP address on the Network Adapter.
