| |
|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
| MQ Security on queues while using receiver channels |
« View previous topic :: View next topic » |
| Author |
Message
|
| RogerLacroix |
 Posted: Wed Jul 20, 2005 2:32 pm Post subject: |
 |
|
Jedi Knight
Joined: 15 May 2001
Posts: 3264
Location: London, ON Canada
|
Hi,
| hopsala wrote: |
| I must say, I don't know what you mean by "minimum minimum security"...? |
Here's the MQ Conference Ad
It is extremely rare that I go to a customer site and they have any kind of security solution or SSL in place (maybe 5%). That includes their production queue managers.
| hopsala wrote: |
| With MQ 5.3, one has encription over the net, |
No it doesn't - not out of the box.
| hopsala wrote: |
| and SSL handshaking, |
Yes. But it is very complex to setup and administer. How many hours were spent learning how to do this, trouble shooting it and then configuring it. (plus future support). Or for some, they hired a consultant or a consulting firm to do the work for them. This runs into big money really fast.
Besides, just because the application connects to the queue manager with SSL does not mean the user should have access. Or worst, I boot a Windows server via a floppy, off load the key store file, and then I can use that key store to connect to the queue manager anytime I want.
Think about it, when logging onto a Windows, Unix or mainframe, do you get automatic access without logging in just because you used SSL (i.e. SSH with Putty or Exceed or Tectia) or did you do proper authentication with an UserID and password?
Regards,
Roger Lacroix
Capitalware Inc.
_________________
Capitalware: Transforming tomorrow into today.
Connected to MQ!
Twitter |
|
| Back to top |
|
 |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
