Chapter 5. Installation 95
Draft Document for Review May 23, 2008 10:14 am 7645install.fm
5.6.12 Internet and Firewall Security
For security purposes Maximo can also be configured to take advantage of the
more secure protocol, Hypertext Transfer Protocol Secure (HTTPS). If Maximo
clients exist outside the corporate network, you can add a firewall or other
security measure.
Firewalls are configured to allow communication over HTTP (typically Port 80) or
HTTPS (typically Port 443). The following information is generic and does not
reflect any particular firewall brand.
Secure Socket Layer (SSL) Overview
Secure socket layer provides secure connections over a network connection by
doing the following:
– allowing two applications to authenticate each other’s identity
– encrypting the data exchanged between the two applications
Authentication allows a server and optionally a client to verify the identity of the
application on the other end of a network connection. Encryption makes data
transmitted over the network intelligible only to the intended recipient. IBM
WebSphere and BEA WebLogic support SSL, and IBM Corporation has certified
the SSL implementation with the Maximo-WebSphere and Maximo-BEA
WebLogic integration.
Configuring Secure Socket Layer To implement SSL
A Web server must have an associated certificate for each external interface (IP
address) that accepts secure connections. After you install the certificate on the
Web server, replacing the .http with .https encrypts a session between the
browser and server.
For example:
http://MaximoAppServer will be entered as https://MaximoApp Server
The standard port for HTTPS is 443.
If a Proxy server or Firewall controls network traffic, this port and protocol must
be opened. SSL comes with some additional overhead for encryption and
decryption of data. Encryption and decryption can affect performance.
Internet Explorer Settings
It is advisable that you enable your browser to automatically check for newer
versions of stored pages when you login to Maximo, to ensure this perform the
following steps: