Configuring security for System i Navigator tasks on the Web

If you are accessing the System i® Navigator tasks on the Web interface over an external network, such as the Internet, it is recommended that you connect using a secure HTTP connection. Additionally, if the system hosting the System i Navigator tasks on the Web interface resides outside of a firewall, or if you are managing a secondary system outside of a firewall, it is recommended that you also configure the IBM® Toolbox for Java™ to establish secure socket connections for data access.

It is important to consider the security configuration needed to adequately ensure protection of sensitive data such as user IDs and passwords. The System i Navigator tasks on the Web interface can be configured to require secure connections to not use secure connections, or somewhere in between. By default, the System i Navigator tasks on the Web interface is configured to send warning messages to the user if secure connections are not used. You should evaluate the security needs for your environment and either change the security configuration for the System i Navigator tasks on the Web interface, or configure secure connections.

The kinds of Secure Socket Layer (SSL) connections that you need to consider configuring to run System i Navigator tasks on the Web securely:

  1. The first type of SSL connection is used in a connection between a Web browser and the System i model that is hosting System i Navigator tasks on the Web.
  2. The second type of SSL connection is used by the System i Navigator tasks on the Web interface to retrieve data from the local System i model and any managed secondary systems.

By default, System i Navigator tasks on the Web is configured to warn users if SSL is not used for all connections. You should evaluate your security requirements, and do one or both of the following:

  • Configure and use one or both kinds of SSL connections.
  • Change the System i Navigator tasks on the Web configuration parameters to treat nonsecure connections differently. Options include making SSL connections required, not required, not used, or give a warning.

See the following topics for more information about each type of connection and options for using them:

Parent topic: Setting up System i Navigator tasks on the Web
Related tasks:
Prerequisites for setting up System i Navigator tasks on the Web