Hi,
We have currently closed the http port using port=-1
Also I tried using httpProxyRedirect but failed miserably. Are you suggesting using something like nginx before DMC for this or modifying some config files within DMC software to get this redirect working? Any pointers would be helpful. Thanks.
------------------------------
Bujji Phanikiran V
------------------------------
Original Message:
Sent: Mon September 09, 2024 03:36 AM
From: Daphne Colson
Subject: IBM Data Management Console security
Bujji, While waiting for the next release, have you considered using a reverse proxy in front of DMC to enforce secure ciphers and potentially restrict port access?
------------------------------
Daphne Colson
Original Message:
Sent: Fri September 06, 2024 09:08 AM
From: Bujji Phanikiran V
Subject: IBM Data Management Console security
Hello all,
We have a security requirement from our clients that all non-secure CIPHERS should not be used and unsecure ports should be closed.
We tried blocking all unsecure ciphers and closing the non-ssl port but failed. We raised a IBM Case and IBM said it will be fixed in the next release of IBM DMC.
There was a time when IBM DMC updates were very frequent. But we were waiting for almost an year for this and there is still no new version released.
Is anyone here able to successfully block the non-ssl ports (including internal ports like 11088 and 11098 used by DMC)?
Any IBM Developers that can shed some light on when the next release of DMC is tentatively going to be?
------------------------------
Bujji Phanikiran V
------------------------------