6. What are the Security features that you have enabled in Datapower?

6. What are the Security features that you have enabled in Datapower?
by

1 Answer

Answer :

SSL Proxy Profile or Transport Layer Security
 Forward
 Reverse
 Two-way
 
 When DataPower Acts as Server
 Create SSL proxy profile by following the steps shown below , it can be referred in
any Front side handler that supports SSL(Example HTTPS)
 When DataPower Acts as Client
 Upload certificate shared by server in cert/pubcert directory of Datapower
File Management.
 Create SSL proxy profile as shown below. This can be either referred in proxy
settings or set dynamically using routing-ssl-profile variable
 Server to which Datapower acts as client will share its certificate to
Datapower (Client).
 Using certificate shared, a crypto certificate object is created.
 Crypto Validation credentials created using crypto certificate object will be
included in crypto profile.
 Crypto profile created will be used in Datapower as SSL proxy profile
 TWO-WAY-SSL-Proxy-Profile :
 A TWO-WAY-SSL-Proxy-Profile contains two crypto profiles one refers crypto
validation credentials evaluated in response (Datapower as client to Backend) and other one
refers crypto Identification credentials used in request flow(When Datapower acts as SSL
server to front end systems)
Message Level Security by Using AAA
AAA - Authentication Authorization and Auditing
AAA can be implemented in various ways like Digital Signature Method, LDAP Authentication
and AAAInfo.xml file
AAA has mainly 5 steps:
i. How to Extract the User’s identity from an incoming request
ii. How to Authenticate the User
iii. How to Extract the Resources
iv. How to Authorize the User
v. Auditing
Digital Signature Method
 Client/Consumer will be using their own Private Key to digitally sign a message and
sends to Datapower.
 Client/Consumer will be sharing their public Certificate to Datapower, which we upload
into Cert folder under File Management and Create a Crypto Certificate.
 The Created Crypto Certificate object will be used inside Crypto Validation Credentials
LDAP Method
 Client/Consumer will be sending the username token and password as part of WS-
Security Header.
 We extract the Header and Send it to LDAP Server for Authentication purpose
AAAinfo.xml Method
 Client/Consumer will be sending the username token and password as part of WS-
Security Header
 We extract the Header and verify the same in the AAAinfo.xml file for Authentication
purpose
by

Related questions

How to integrate MQ with Datapower?

Description : How to integrate MQ with Datapower?

Last Answer : http://www.ibm.com/developerworks/websphere/library/techarticles/1410_sahoo/1410_sahoo.html

What are the different modes through which you can connect to Datapower?

Description : What are the different modes through which you can connect to Datapower?

Last Answer :  GUI  CLI  XML-Management Interface

What is the advantage of Datapower over Message Broker?

Description : What is the advantage of Datapower over Message Broker?

Last Answer : Message Broker Datapower Integrating and leveraging the WebSphere MQ messaging infrastructure. Similar to Message Broker, DataPower can do any-to-any transformation (in theory, Yes. But in practice, you ... from any-to-any. Offers z/OS clients platform-specific benefits (CICS, VSAM).

Have you worked on Datapower Extension functions? If so, can you please name some of them

Description : Have you worked on Datapower Extension functions? If so, can you please name some of them

Last Answer : Yes. Whenever we need to use DP EXTN Functions, we always need to declare the below namespace. xmlns:dp=http://www.datapower.com/extensions extension-element-prefixes="dp" dp:set-variable: ... field does not exist, this extension function adds the specified name and value to the client request.

What are the Datapower Variables?

Description : What are the Datapower Variables?

Last Answer : Local - var://local/userdefinedname A local context variable in the default (current) context. The local context does not persist beyond the scope of the transaction. A transaction can include both ... a variable that is made available to a DataPower service that is attached to a session.

. How do you Implement Dynamic Routing in Datapower?

Description : . How do you Implement Dynamic Routing in Datapower?

Last Answer : In case of a dynamic backend, we update all the backend URL’s in an xml file and we use a generic XSLT which will read the URL from the xml file based on certain customized conditions and we set the routing variable var://service/routing-url in the XSLT.

What kind of troubleshooting have you done in datapower?

Description : What kind of troubleshooting have you done in datapower?

Last Answer : We use probe to capture the ongoing transactions with respect to a service.  We can also set the log level to debug mode in Troubleshooting Panel.We can make use of Log targets and Log ... Appliance itself under logstore or logtemp directory  We can also save the logs in an external server.

How do you test your Datapower Services?

Description : How do you test your Datapower Services?

Last Answer : We can use SOAPUI to test the Datapower Services

1. What are the different services that have you used in Datapower?

Description : 1. What are the different services that have you used in Datapower?

Last Answer : WebService Proxy, Multiprotocol gateway and XML Firewall

How to take secure backup?

Description : How to take secure backup?

Last Answer :  To securely back up the appliance configuration from the WebGUI:  Click Administration => Main => System Control.  Locate the Secure Backup section.  From the Crypto certificate list, select the ... of the target directory for the backup files.  Click Secure Backup to back up the appliance.

What is an Application Domain?

Description : What is an Application Domain?

Last Answer : An application domain allows the administrators to partition an appliance into multiple logical configurations. For example the developers and production employees environment is different

Explain about your Roles and Responsibilities?

Description : Explain about your Roles and Responsibilities?

Last Answer :  Gathering the requirements from Client  Preparing the Design Document  Presenting the Design document to Client for approval  Configuring the service in Development environment  Testing and Troubleshooting of DP Services  Migrating the services from Dev to test and to production environment

What is an on-error action in XI52?

Description : What is an on-error action in XI52?

Last Answer : An on-error action defines a named rule that enables user-defined error handling when subsequent processing encounters errors. This topic instructs how to define an on-error action. The on-error action ... an error occurs during processing. In this case, the error rule acts as an error handler.

How do you migrate your services from one environment to another or how do you deploy your services from one environment to another?

Description : How do you migrate your services from one environment to another or how do you deploy your services from one environment to another?

Last Answer : We have a support team who takes care of Service deployments. We take an export of the service which needs to be deployed and keep it in a secured server by doing FTP. Our support ... server and does the deployment We can also use Export and Import configuration along with the Deployment Policy

How do you handle Error scenarios?

Description : How do you handle Error scenarios?

Last Answer : We create an error rule in which we use a generic XSLT, which creates a fault message by reading the Service variables env:Client

What is a Passthrough Service?

Description : What is a Passthrough Service?

Last Answer : assthrough is basically accepting and sending a request to the backend without modifying it in Datapower

Difference between Copy and Copy-of?

Description : Difference between Copy and Copy-of?

Last Answer : The element creates a copy of the current node. Note: Namespace nodes of the current node are automatically copied as well, but child nodes and attributes of the current node are not ... : Namespace nodes, child nodes, and attributes of the current node are automatically copied as well!

Difference between Apply-template and Call-template?

Description : Difference between Apply-template and Call-template?

Last Answer : The element applies a template to the current element or to the current element's child nodes. If we add a select attribute to the element it will process only the child element that ... a normal function call. You execute exactly one (named) template, usually with one or more parameters.

What is xsl:param ?

Description : What is xsl:param ?

Last Answer : The element is used to declare a local or global parameter. The parameter is global if it's declared as a top-level element, and local if it's declared within a template.

Have you worked on XSLT Coding? If so, rate yourself in the scale of 1-10

Description : Have you worked on XSLT Coding? If so, rate yourself in the scale of 1-10

Last Answer : Yes. I would rate myself as 6-7

8. When can we use User Agent?

Description : 8. When can we use User Agent?

Last Answer : A user agent is a client that initiates a request for a local service to establish a connection to a remote server.

7. What is an XML Manager and why do we need it?

Description : 7. What is an XML Manager and why do we need it?

Last Answer : An XML Manager provides the following capabilities  Basic network configuration, such as load balancing and accessing remote servers.  It acts as an XML parser in order to provide XML Threat Protection  It helps in implementing Caching  To configure the User Agent

5. What is SLM and options available with that?

Description : 5. What is SLM and options available with that?

Last Answer : SLM has mainly 3 statements  Throttle  Notify  Shape

4. What actions have you used in the processing policy?

Description : 4. What actions have you used in the processing policy?

Last Answer :  AAA  SLM  Match  Transform  Result  Sign  Verify  Encrypt  Decrypt

3. What are the components of a WSDL?

Description : 3. What are the components of a WSDL?

Last Answer :  WSDL Definitions  WSDL Types  WSDL Message  WSDP Port and Operation  WSDL Binding

2. Difference between WSP and MPGW?

Description : 2. Difference between WSP and MPGW?

Last Answer : WSP Web Service Proxy is a powerful service in DataPower which provides abstraction and security to the backend web services .It provide access to variety of web services. WSP has many important ... to manually configure a match action and Processing policy  We have a loopback mode in MPGW

My computer won't let me type in passwords for security-enabled wireless connections.

Description : My computer won't let me type in passwords for security-enabled wireless connections.

Last Answer : answer:Recently I had that problem. The cause turned out to be a setting on the wireless router. —The router setting was “802.11n-only” —The computer had an older 802.11g wireless card —The fix was changing the router setting to “802.11n and 802.11g”.

Why would someone want a smartphone-enabled garage door opener?

Description : Why would someone want a smartphone-enabled garage door opener?

Last Answer : answer:It's better because you already have the phone, and don't need a remote. It's one less thing. A use case might be leaving your house to jog, or walk your kids around the neighborhood. ... secure, but there's no obvious reason this would seem less secure than online banking or the cloud ...

If my DDWRT SPI firewall is enabled on the router, do I need to also engage the Windows (or another) firewall?

Description : If my DDWRT SPI firewall is enabled on the router, do I need to also engage the Windows (or another) firewall?

Last Answer : Here’s good article on this topic why you need separate firewall on how to geek

What does it mean to be enabled?

Description : What does it mean to be enabled?

Last Answer : Being enabled basically means being able to do something that a person can already do or being given permission to do so.

Adobe Pro Won't let me E sign in enabled usage mode?

Description : Adobe Pro Won't let me E sign in enabled usage mode?

Last Answer : See if THIS helps.

Mac CD burning app that is Lightscribe-enabled, simple and small?

Description : Mac CD burning app that is Lightscribe-enabled, simple and small?

Last Answer : Lightscribe.com has a simple Mac labeller that’s 13mb.

Is there such a thing as a pre-paid 3G or 4G enabled laptop I can use without a credit card?

Description : Is there such a thing as a pre-paid 3G or 4G enabled laptop I can use without a credit card?

Last Answer : I don’t use one in my personal life, but if you’re in the US you can try Wal*Mart. I don’t know if they have any laptops with an internal 3G or 4G card, but you can get the USB adapters. They sell the “air cards” there to add time and, it seems, they have something to do with Monkey Pak.

Why can't Ubuntu Desktop effects be enabled?

Description : Why can't Ubuntu Desktop effects be enabled?

Last Answer : Which video card are you using and which driver is X loading?

Did you order a WakeMate? Or, do you use another smartphone-enabled or standalone wellness device?

Description : Did you order a WakeMate? Or, do you use another smartphone-enabled or standalone wellness device?

Last Answer : I have a Zeo that I don’t find very useful.

Do you have a GPS-enabled digital camera?

Description : Do you have a GPS-enabled digital camera?

Last Answer : Since you will be using the camera in NYC, a heavily populated wi-fi area, have you considered buying a geotagging SD card instead? Then you could put it into a camera that you want based on the cameras ... from your camera to your computer, without taking the SD card out. That's always a plus. :)

How to control access when "internet sharing" is enabled on my Mac?

Description : How to control access when "internet sharing" is enabled on my Mac?

Last Answer : From the help menu. Select how you want to share your Internet connection in the To computers using list. For example, if you want to share your Internet connection over AirPort, select ... your Internet connection using AirPort, click AirPort Options and give your network a name and password.

Can you move dlc to a non xbox live enabled profile on the same box?

Description : Can you move dlc to a non xbox live enabled profile on the same box?

Last Answer : I was under the impression that DLC was not linked to a profile, but instead box specific. I know this is how it works with map packs for say, CODwaw.

My ie is sayin your internet is running with no add-ons and all my add-ons are enabled how do i fix it?

Description : My ie is sayin your internet is running with no add-ons and all my add-ons are enabled how do i fix it?

Last Answer : Use firefox.

Do you own a WiFi-enabled PMP that is PlaysForSure compliant?

Description : Do you own a WiFi-enabled PMP that is PlaysForSure compliant?

Last Answer : i don’t know ,but try the sansa Connect

how do I get capslock on my iPhone? I have it enabled already.

Description : how do I get capslock on my iPhone? I have it enabled already.

Last Answer : see the arrow next to the z push it it should lite up then the caps are locked I have to push for every letter

When the next software update for iPhone hits, will mms capabilities be enabled?

Description : When the next software update for iPhone hits, will mms capabilities be enabled?

Last Answer : I know I spelled some things wrong. I like the iPhone but without mms, and video, its not as entertaining to me as it could be. I mean geez if we could at least even receive mms from friends/family!!!

Get a HTC Diamond or wait for the newer Dream or even Google Android enabled phone?

Description : Get a HTC Diamond or wait for the newer Dream or even Google Android enabled phone?

Last Answer : I would wait for the HTC Dream. I’ll try to find the site with the details for the phone. Super sweet though.

Name the technology which enabled the transportation of perishable foods over -SST 10th

Description : Name the technology which enabled the transportation of perishable foods over -SST 10th

Last Answer : Refrigerated ships.

Name the technology which enabled the transportation of perishable foods over -SST 10th

Description : Name the technology which enabled the transportation of perishable foods over -SST 10th

Last Answer : Refrigerated ships.

COPRA has enabled the consumers to have the right to represent in the consumer courts.Explain how it benefits the consumers. -SST 10th

Description : COPRA has enabled the consumers to have the right to represent in the consumer courts.Explain how it benefits the consumers. -SST 10th

Last Answer : Under COPRA, a three-tier quasi-judicial machinery at the district, state and national levels was set up for redressal of consumer disputes. The district level court deals with the cases involving claims ... to a consumer, she has the right to get compensation depending on the degree of damage.

Write True or False against each statement: The introduction of the fly shuttle enabled hand loom workers to improve their productivity. -SST 10th

Description : Write True or False against each statement: The introduction of the fly shuttle enabled hand loom workers to improve their productivity. -SST 10th

Last Answer : solutions : - True

Describe any three factors which have enabled globalisation in India. -SST 10th

Description : Describe any three factors which have enabled globalisation in India. -SST 10th

Last Answer : Globalisation means unification or integration of the domestic economy with the world economy through trade, capital and technological flows. Factors that supported globalisation in India are as follows : (a) ... Infosys (IT), Ranbaxy, Asian Paints etc. emerged as MNCs and start working globally.

What factors enabled the recast of Germany's political system after the First World War? -History 9th

Description : What factors enabled the recast of Germany's political system after the First World War? -History 9th

Last Answer : The factors which enabled the recast of German policy after the First World War were the defeat which Imperial Germany suffered in the First World War and the abdication of the German emperor.

What was one factor that enabled the the Continental army to defeat the British army in the revolution?

Description : What was one factor that enabled the the Continental army to defeat the British army in the revolution?

Last Answer : Feel Free to Answer