The technote is going to guide you step-by-step through the process of securing FusionReactor with HTTPS/SSL.
Note: The following technote should work on any version of FusionReactor.
This method is usually easiest to achieve as often you will already know how to configure your webserver. FusionReactor should be configured to process requests received through your existing web server. Please follow the steps below in order to enable FusionReactor been accessible externally.
The configuration above leaves FusionReactor open to external users, however, you can configure FusionReactor in order to be accessible via an HTTPS connection.
In order to achieve this, please follow the steps listed below.
For added security, you may wish to use the security rules of your web server to completely deny external website access to FusionReactor. Then you could create a new internal HTTPS website (virtual host in Apache) specifically for FusionReactor.
More information about the virtual directory configuration in IIS can be found here, http://www.iis.net/configreference/system.applicationhost/sites/site/application/virtualdirectory.
There are several generic tools available for wrapping TCP connections with an SSL layer. In our example we will use Stunnel for Windows (http://www.stunnel.org/)
FusionReactor should be configured to accept requests ONLY on the local/loopback interface using the built in web server. This can be done by following the steps below.
Install your SSL TCP wrapper on the server (machine A) and configure to forward incoming traffic to the IP & port configured above
Next, install your SSL TCP wrapper on the client (machine B) and configure to forward outgoing traffic to the SSL wrapper port configured above (in our example, this would be the IP of the server and port 9000)
Finally, the URL to access FusionReactor now becomes http://127.0.0.1:9050/ (Remember: This URL is only available from the machine where you installed the SSL wrapper client. In our example, machine B)
Important: This technote describes securing the FusionReactor interface with HTTPS / SSL. If you are running FusionReactor enterprise edition, you may also wish to secure the inter-server connections. This can be done using the principal with either of the above described methods.
|Components:||Enterprise Dashboard, FR Enterprise Dashboard Desktop Application, FusionReactor Settings|
|Last Updated:||Today 1:16 PM|
|Affects Version:||1.0, 2.0, 2.0.3, 2.0.4, 3.0, 3.0.1|
FRS-418: FusionReactor Cloud Firewall DNS and Static IP address rules
Comments are closed.