Highlighted
Super Contributor.
Super Contributor.
698 views

Webaccess Domain Best Practice

With GroupWise 8, best practice was to put the Webaccess domain on the same server as Webaccess. While designing our GW 2014 system security is much more important. In efforts to make GroupWise more secure, I don't think I like the idea any longer putting a secondary domain on a host that has direct internet access.

What are other people doing?
Labels (1)
0 Likes
2 Replies
Highlighted
Knowledge Partner
Knowledge Partner

Re: Webaccess Domain Best Practice

kwhite;2345909 wrote:
With GroupWise 8, best practice was to put the Webaccess domain on the same server as Webaccess. While designing our GW 2014 system security is much more important. In efforts to make GroupWise more secure, I don't think I like the idea any longer putting a secondary domain on a host that has direct internet access.

What are other people doing?


In short, no need for a secondary domain on the WebAccess server. I haven't done so since GroupWise 2012. As a note, it was not a necessity with GroupWise 8 and lower, as you could install the WebAccess agent on a server that was running on the LAN, and only install the WebApplication on the server in the DMZ.

One main thing that has changed with WebAccess, as of GroupWise 2012, is that the WebAccess application doesn't make use of gwinter anymore (meaning there's no more Web Access agent component in 2012 and 2014). It's now a standalone (client) component that talks directly to the POA(s).

So all you need is a SLES or Windows server in the DMZ and install and configure the WebAccess component on that.

There are also no more eDir counterparts for WebAccess. All that is needed is a port opened to the POA's (for SOAP, which defaults to 7191) and since 2014 also port 8500 needs to be opened from POA(s) to the server running WebAccess. 8500 is needed for the auto refresh functionality that's new in WebAccess 2014.

Cheers,
Willem
0 Likes
Highlighted
Super Contributor.
Super Contributor.

Re: Webaccess Domain Best Practice

Thanks


>>> On 2/2/2015 at 3:56 PM, magic31<magic31@no-mx.forums.novell.com> wrote:


kwhite;2345909 Wrote:

> With GroupWise 8, best practice was to put the Webaccess domain on the
> same server as Webaccess. While designing our GW 2014 system security
> is much more important. In efforts to make GroupWise more secure, I
> don't think I like the idea any longer putting a secondary domain on a
> host that has direct internet access.
>
> What are other people doing?


In short, no need for a secondary domain on the WebAccess server. I
haven't done so since GroupWise 2012. As a note, it was not a necessity
with GroupWise 8 and lower, as you could install the WebAccess agent on
a server that was running on the LAN, and only install the
WebApplication on the server in the DMZ.

One main thing that has changed with WebAccess, as of GroupWise 2012, is
that the WebAccess application doesn't make use of gwinter anymore
(meaning there's no more Web Access agent component in 2012 and 2014).
It's now a standalone (client) component that talks directly to the
POA(s).

So all you need is a SLES or Windows server in the DMZ and install and
configure the WebAccess component on that.

There are also no more eDir counterparts for WebAccess. All that is
needed is a port opened to the POA's (for SOAP, which defaults to 7191)
and since 2014 also port 8500 needs to be opened from POA(s) to the
server running WebAccess. 8500 is needed for the auto refresh
functionality that's new in WebAccess 2014.

Cheers,
Willem


--
Knowledge Partner (voluntary sysop)
------------------------------------------------------------------------
magic31's Profile: https://forums.novell.com/member.php?userid=2303
View this thread: https://forums.novell.com/showthread.php?t=481627
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.