You can configure several aspects of security on the appliance, including user interface security and transport level security.
- IBM WebSphere DataPower XC10 Appliance security overview
With IBM® WebSphere® DataPower® XC10 Appliance, you can control access to both the appliance itself and the data grid data that is being held on the appliance. - Configuring Transport Layer Security (TLS) for WebSphere Application Server
You can configure Transport Layer Security (TLS) by modifying or replacing the keystore and truststore, and choosing the certificate alias for your configuration. - Configuring IBM WebSphere DataPower XC10 Appliance user interface security
Much of the security functionality offered by WebSphere DataPower XC10 Appliance is built into the construction of the appliance. Additional security settings are included to provide additional security options for your environment. - Configuring your appliance to authenticate users with an LDAP directory
You can optionally use a Lightweight Directory Access Protocol (LDAP) directory to authenticate users with your IBM WebSphere DataPower XC10 Appliance. - Managing users and groups
Users and user groups are provided so that you can manage the level of access for each individual to your WebSphere DataPower XC10 Appliance. You can use user groups to apply permissions to groups of users. - Enabling security for data grids
After you create your data grids, the security of the data grid is disabled by default. You can change the security settings for a data grid to restrict access to a certain user or group of users. ![[Java programming language only]](../images/ngjava.gif)
Configuring Transport Layer Security (TLS) for WebSphere Application Server
You can configure Transport Layer Security (TLS) by modifying or replacing the keystore and truststore, and choosing the certificate alias for your configuration.- Configuring a data grid application to use client authentication
If the data grid that you are configuring for the application uses security, you must configure a client.properties file that includes settings to pass to the data grid application. - Configuring TLS for data grid applications
You can configure Transport Layer Security (TLS) by modifying or replacing the keystore and truststore, and choosing the certificate alias for your configuration. ![[Version 2.5.0.3 and later]](../images/2.5.0.3plus.gif)
Configuring NIST SP800-131a compliance for data grid connections
In the appliance web console, you can configure NIST SP800-131a support in a collective of data grids.- REST gateway: Security configuration
To access a data grid through the REST gateway, the user must be authenticated to the WebSphere DataPower XC10 Appliance, regardless of whether the data grid has security enabled. The application client must always provide a basic authorization header with the authorized user ID and password in the HTTP headers of the HTTP request. To access data grids through the REST gateway, provide the user ID and password in an authorization header.