Security

You must consider security requirements before, and after you configure Eclipse Amlen.

For a more secure administration environment, configure Eclipse Amlen to ensure that the management interface is not accessible through the internet. For more information, see Changing the Amlen WebUI address.

After you configure Eclipse Amlen, there are three main aspects to security - Transport Layer Security (TLS), authentication, and authorization.

The server certificate and associated security profile controls TLS. The certificate verifies that a public key belongs to a specified entity. The security profile object is used to define TLS configuration. For example, the minimum protocol method that is allowed when clients connect, or the ciphers that are used for encryption. For more information about certificates and profiles, see Certificate and security profiles.

Authentication is based on messaging user ID and password validation. Name-and-password authentication uses a challenge and response protocol to ask messaging users for their names and passwords. This login information is then validated against the information that is stored in the LDAP server that you configure for authentication purposes. The level of authentication is determined by the security profile that is associated with an endpoint.

A policy-based authorization mechanism enables messaging users and clients to connect to Eclipse Amlen, and use messaging actions. For more information, see connection policies, and messaging policies.

For more information about configuring security on Eclipse Amlen, see Administering.