Much of the security functionality offered by WebSphere® DataPower® XC10 Appliance is built into the construction of the appliance. Additional security
settings are included to provide additional security options for your
environment.
About this task
To increase the security coverage of the appliance, you can
configure several options that exist to control the user behavior.
Procedure
- Navigate to the Settings panel. To manage your security options, navigate to the Settings panel using one of the following methods:
- From the menu bar at the top of the WebSphere DataPower XC10 Appliance user interface, navigate to .
- From the Welcome page, click the Customize settings link in the Step 1: Set
up the appliance section.
- Expand Security.
- Set your security permissions.
- Set the Allow new users to create their own
accounts field. The default value for this
field is Disabled. This field specifies if
a user is able to create their own account. In WebSphere DataPower XC10 Appliance, self-registered users have appliance monitoring permission by default.
Enable this option only if you want to allow anyone that has access
to the user interface to also have appliance monitoring permission.
When this field is Enabled, a Register button
displays on the login screen. See Self-registering a new user account for more details on self user
registration.
- Set the Allow password reset from the serial
console field. The default value for this field
is Disabled.
Disabled: Make sure that you configure
an SMTP server and an email address for the xcadmin user. These configurations ensure that if the xcadmin password is lost, then there is a way to reset the password. If
this field is disabled and these configurations are not made, then
it is impossible to reset a lost xcadmin password and the appliance must be returned to IBM for remanufacturing.
Enabled: You can reset the password for the xcadmin user using a serial connection without any other credentials required
and without an SMTP message. If this option is selected, the physical
access to your WebSphere DataPower XC10 Appliance is even more important than typical. With physical access to the
machine, any user is able to gain administrator access to the appliance.
- Configure your appliance to authenticate users with a Lightweight
Directory Access Protocol (LDAP) directory. For more information
about configuring your appliance to authenticate using with an LDAP
directory, see Configuring your appliance to authenticate users with an LDAP directory.
Results
After successfully completing these steps, you have specified
how the appliance handles certain security-related scenarios and whether
external authentication is used for access to the
user interface.
What to do next
Configure users and groups to provide access to the user
interface. You also use users and groups to provide access to data
grids.