Security considerations for IBM UrbanCode Deploy

You can take actions to ensure that your installation is secure and set up user access controls.

Enabling security during the installation process

During the installation process, by default the server is configured to use Secure Sockets Layer (SSL) for secure communication. This is true for manual and for silent installations. In addition to SSL communication, role-based access controls are available that determine what actions a particular user can perform.

In general, you configure security on the application server or the database server, not in IBM® UrbanCode Deploy. IBM UrbanCode Deploy communicates with the database by using the Java™ Database Connectivity (JDBC) provider on the application server.

To learn about configuring Lightweight Directory Access Protocol (LDAP) authentication, see Authentication realms.

Installing a Federal Information Processing Standards (FIPS) compliant server

You can configure a Federal Information Processing Standards (FIPS) compliant server by specifying options at installation time. A FIPS-compliant server has certain limitations. See Installing the server in interactive mode.

Enabling secure communication between multiple applications

You can use tokens to secure communications between products that integrate with IBM UrbanCode Deploy. To learn more about tokens, see Tokens.

Ports, protocols, and services

The following table shows the default port numbers for the HTTP, HTTPS, and Java Message Service (JMS) ports.

Port type Default port number
HTTP 8080
HTTPS 8443
Java Message Service (JMS) 7918

Customizing your security settings

The only user ID created by default is admin. To change the password for admin, click Settings > Authentication (Users).

Failed login attempts are stored in the database. With the exception of the default admin password, all passwords are stored in encrypted form in the database. Once you change the default admin password, it is also stored in encrypted form.

Setting up user roles and access

You can create and delete users, and add users to groups and teams in IBM UrbanCode Deploy. To learn more, see Security. In IBM UrbanCode Deploy, the superuser account with special security privileges is Admin.

Privacy policy considerations

Depending on the configurations that are deployed, this software offering might use cookies that can help enable you to collect personally identifiable information. For information about this offering’s use of cookies see the Notices topic.


Feedback