Chris,

We don't use IBM WAS, either 3rd party product or own solution.
Could we use a separate partition or a small Power 710 for the web server in the DMZ, what would be used as a connector, possibly DDM?

-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Chris Bipes
Sent: Wednesday, August 28, 2013 10:58 AM
To: 'Midrange Systems Technical Discussion'
Subject: RE: iSeries public WEB access, PCI security issues

You should never put your application server or database server with direct access to the internet. You should have a web server that is located in your DMZ and has a connector to your inside application server.

PCI will demand that there is a firewall between the internet and any web server and another firewall/zone between the web server and any application server. We just received our PCI compliance rating for our sister company. If your application on the iSeries is written in WebSphere Application Server you can install a connector on any web server, IIS, Linux, and other flavors that are supported by IBM WAS and then open a hole in your firewall between the web server and your iSeries.

--
Chris Bipes
Director of Information Services
CrossCheck, Inc.

-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Steinmetz, Paul
Sent: Wednesday, August 28, 2013 7:50 AM
To: 'Midrange Systems Technical Discussion'
Subject: iSeries public WEB access, PCI security issues

Is anyone running an app that requires public WEB access to the iSeries?
If so, how is it configured/secured?

We have a new app that needs public WEB access.
Because we store credit card info, etc. on our iSeries, PCI rules may not allow this.
We were thinking of a separate partition, or a new Power 710, then using DDM to access the data.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.