Configure security for iSeries Navigator tasks on the Web

If you are accessing the iSeries™ Navigator tasks on the Web interface over an external network, such as the Internet, it is recommended that you connect using a secure HTTP connection. Additionally, if the server hosting the iSeries Navigator Tasks on the Web interface resides outside of a firewall, or if you are managing a secondary system outside of a firewall, it is recommended that you also configure the IBM^® Toolbox for Java™ to establish secure socket connections for data access.

It is important to consider the security configuration needed to adequately ensure protection of sensitive data such as userIDs and passwords. The iSeries Navigator tasks on the Web interface can be configured to require secure connections, not use secure connections, or somewhere in between. As shipped, the iSeries Navigator tasks on the Web interface is configured to send warning messages to the user if secure connections are not used. You should evaluate the security needs for your environment and either change the security configuration for the iSeries Navigator tasks on the Web interface, or configure secure connections.

There are two kinds of Secure Socket Layer (SSL) connections that you need to consider configuring in order to run iSeries Navigator tasks on the Web securely:

The first type of SSL connection is used in a connection between a Web browser and the iSeries system that is hosting iSeries Navigator tasks on the Web.
The second type of SSL connection is used by the iSeries Navigator tasks on the Web interface to retrieve data from the local iSeries and any managed secondary systems.

By default, iSeries Navigator tasks on the Web is configured to warn users if SSL is not used for all connections. You should evaluate your security requirements, and do one or both of the following:

Configure and use one or both kinds of SSL connections.
Change the iSeries Navigator tasks on the Web configuration parameters to treat non-secure connections differently. Options include making SSL connections required, not required, not used, or give a warning.

See the following topics for more information about each type of connection and options for using them:

Configure Web browser connections to iSeries Navigator tasks on the Web
Ensure that iSeries Navigator Tasks on the Web is configured with the desired behavior for handling SSL or non-secure connections from browsers. Also, if you want to allow or require browser communications to run across a secure connection, you will need to configure SSL for the Administration instance of the HTTP Server.
Configure data-retrieval connections to the local system and managed secondary systems
Any time iSeries Navigator tasks on the Web retrieves data from OS/400^®, either on the local iSeries or any managed secondary systems, the IBM Toolbox for Java is used to create a socket connection for data retrieval.

Parent topic: Set up iSeries Navigator tasks on the Web