Tim, SSL wont protect the data sitting on the server.... Is that where the risk really is ?.. In my case it is.. Yours may be different.
But SSL from server-server is also a good choice. Sid -----Original Message----- From: Tim Armstrong [mailto:[EMAIL PROTECTED] Sent: Thursday, 5 June 2003 9:56 AM To: [EMAIL PROTECTED] Subject: Re: MQSeries in DMZ Or you can use the SSL features that became available in V5.3. Regards Tim A "Potkay, Peter M (PLC, IT)" To: [EMAIL PROTECTED] <[EMAIL PROTECTED] cc: RTFORD.COM> Subject: Re: MQSeries in DMZ Sent by: MQSeries List <[EMAIL PROTECTED] AC.AT> 05/06/2003 01:17 Please respond to MQSeries List See support pac MS81 http://www-3.ibm.com/software/integration/support/supportpacs/individual/ms8 1.html It has what you need. It is the MQSeries Internet Pass Thru (MQIPT). -----Original Message----- From: Madsen, Timothy [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 04, 2003 11:06 AM To: [EMAIL PROTECTED] Subject: MQSeries in DMZ Hello, We have external partners who need to connect to our MQSeries. So, we could put an MQSeries server in our DMZ and let those external people connect to that MQ and then have the DMZ MQ connect to our internal MQ. We can configure our firewall (Cisco Pix) to only let MQ appropriate ports/protocols pass from the internet to the DMZ MQ server. However, we would still be allowing **anybody** on the internet to send messages to our MQSeries in our DMZ. We are working with a small list of partners - they are not anonymous. So - from this two questions: 1) Would this be considered a fairly secure configuration - from the standpoint of a hacker trying to get into our MQ box and crash it or access OS services? 2) What is a standard method whereby we could allow our external partners to send MQ messages - but not allow other people on the internet to send MQ messages to our DMZ MQ server? Thanks. Tim. Instructions for managing your mailing list subscription are provided in the Listserv General Users Guide available at http://www.lsoft.com Archive: http://vm.akh-wien.ac.at/MQSeries.archive This communication, including attachments, is for the exclusive use of addressee and may contain proprietary, confidential or privileged information. If you are not the intended recipient, any use, copying, disclosure, dissemination or distribution is strictly prohibited. If you are not the intended recipient, please notify the sender immediately by return email and delete this communication and destroy all copies. Instructions for managing your mailing list subscription are provided in the Listserv General Users Guide available at http://www.lsoft.com Archive: http://vm.akh-wien.ac.at/MQSeries.archive Instructions for managing your mailing list subscription are provided in the Listserv General Users Guide available at http://www.lsoft.com Archive: http://vm.akh-wien.ac.at/MQSeries.archive Instructions for managing your mailing list subscription are provided in the Listserv General Users Guide available at http://www.lsoft.com Archive: http://vm.akh-wien.ac.at/MQSeries.archive
