Deployment Patterns
Picknick Enterprise IT
29.10.2009
USE CASES
[Diagram: overview of use cases. Labels: Application, Consumer, Internet, System z]
1 B2B Gateway
2 Security Gateway (Web Services, Web Applications)
4 Internal Security
5 Enterprise Service Bus
6 Web Service Management
7 Legacy Integration
8 XML Acceleration
Message Formats:
ANSI X12
EDIFACT
Various Industries: UNTDI, ODETTE, HIPAA, HL7, VICS, VDA, UCS, ACORD
XML
B2B Entry Point for WPS and WESB
Offloading for WebSphere Partner Gateway
Reto Hirt / schlag&rahm gmbh 2009
Security Token Transformation
  SAML, LTPA
XML Threat Protection
  XDoS, MMXDoS
XML Schema Validation
Resource Masking
Use Case 1
Context
Existing WebServices for internal clients
Two different WSDLs, N operations each
Activities like authentication, transformation, encryption, validation performed in the WAS runtime running the WebServices
--> Now, a subset of the available operations needs to be exposed to partners / internet users
Full Exposure
Benefits
Higher security level
Expose only as needed
Single point of entry
Manage services with common policies
Inspect payload
Use Case 2
MQ CONNECTIVITY
Context
Connectivity between WAS at Partner A and WMQ at Partner B
Protocol to be used is MQ, payload is XML
XML payload is a proprietary format widely used within organisation B
Connection is intercepted in the DMZ of Partner A with a single MQ-IPT
--> Due to various additional needs (Operability, Stability), the connection has to be made redundant
Benefits
Higher security level
Inspect payload upon termination
AAA in DMZ
Resources
IBM WebSphere DataPower SOA Appliance Handbook, Hines, Rasmussen, Ryan, ISBN 978-0-13-714819-6
IBM DataPower Product Page, http://www.ibm.com/software/integration/datapower/
IBM Support, http://www.ibm.com/support/
WebSphere DataPower and WebSphere MQ interoperability documentation, http://www.ibm.com/support/docview.wss?uid=swg21255199
THANK YOU!
Disclaimer
The contents of this PowerPoint presentation and the related views expressed by the speaker are solely the views of the author and speaker and their respective entities, and do not necessarily reflect the opinions, views, or beliefs of any other person or entity, implied or otherwise. Accordingly, all correspondence concerning this presentation should be sent directly to the named speaker. IBM, WebSphere, DataPower, WSRR, IT CAM for SOA, Tivoli Access Manager, Federated Identity Manager, XM70, XB60, XI50, XS40, XA35 are registered trademarks or trademarks of International Business Machines Corporation in the United States, other countries, or both.
BACKUP SLIDES
Zone Concept