Hi Axton, Thank you for the feedback... We looked into Remedy Encryption, but it didn't offer a FIPS compliant encryption algorithm, so it was not compliant with my customer's security requirements. BMC said that it will likely offer this level in future releases (not sure if v7 is there yet or not).
Kind regards, Jeff -----Original Message----- From: Action Request System discussion list(ARSList) [mailto:[EMAIL PROTECTED] On Behalf Of Axton Sent: Tuesday, October 02, 2007 7:48 PM To: arslist@ARSLIST.ORG Subject: Re: Alternatives to DSO for Data Transfer STunnel can encrypt any tcp traffic between two machines on a given port. Just bear in mind that this is a method of transport relies on a sort of local proxy manages sessions between both end points. IPSec is another alternative; it operates at a lower level of the OSI model and will give you some added benefits depending on your security paradigm. Another alternative would be to look into the Remedy encryption products. This would in essence do the same thing as STunnel, but instead of relying on a separate process, it would be native to the arserver (a plugin or library if you will). There is also a base level of encryption that is included in the product. see http://arswiki.org/wiki/Securing_ARS#Remedy_Encryption_Products Axton Grams On 10/2/07, Jeff Lockemy (Serco North America) <[EMAIL PROTECTED]> wrote: > Thank you everyone for the suggestions. The easiest option for us would be > doing data transfers over https/443, that's why we mentioned web services. > > > > However, a colleague of mine mentioned that they investigated using Stunnel > (www.stunnel.org), a universal SSL wrapper, to encrypt their DSO > communications between servers over 443. I am looking into it, and will let > you know how it goes. If anyone else has done anything else with 443, > please let me know. > > > > Cheers, > > Jeff > > > > > > _____ > > From: Action Request System discussion list(ARSList) > [mailto:[EMAIL PROTECTED] On Behalf Of Jeff Lockemy (Serco North America) > Sent: Friday, September 28, 2007 4:27 PM > To: arslist@ARSLIST.ORG > Subject: Alternatives to DSO for Data Transfer > > ** > > Hello Listers, > > > > I am trying to find out what solutions are out there that folks might be > using as an alternate to DSO, to transfer Remedy tickets between Remedy > servers. > > > > My customer cannot use DSO due to port and encryption level restrictions. > Currently, we are using a solution provided to us by another group. This > solution uses IBM WebSphere MQ and a product called ARSXML (not be to > confused with ARXML, ARSXML is a product by N-Tuition, a Remedy partner out > of Germany). This solution has some design pitfalls (on the ARSXML side) > that are proving to be a challenge to overcome. So we want to see what > other options out there might exist. > > > > One thought that was brought up several years back with this customer was to > design and build a solution on Remedy Web Services, transferring tickets > through SOAP, Mid-Tier to Mid-Tier. I believe they had a design prototype > back then, but I was not involved in it, nor does anything exist of it. Has > anyone done this, or some other solution that they could share? > > > > Any ideas or input anyone has is much appreciated... > > > > Regards, > Jeff > > > > > > > > > > > > Jeff Lockemy > > Remedy Skilled Professional > > Serco North America > > (619) 524-2303 > > [EMAIL PROTECTED] > > > > > > > > > > > > __20060125_______________________This posting was submitted with HTML in > it___ > > > ____________________________________________________________________________ ___ > UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are" > ____________________________________________________________________________ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are" _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are"
