Configure Secure Web Service Connections
| Retired Content |
|---|
This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This page may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist. |
By default, the installation and setup scripts and routines do not configure the ESB Guidance Web services and components to require SSL when accessed by clients or to use secure network protocols when connecting to back-end systems.
To protect the information passing between servers and ensure a robust and secure operating environment, you should configure the Web services to require SSL for client access and take steps to protect the connection between the IIS Web service host computer and the computer running SQL Server that hosts the databases used by the services.
You should consider the use of network-level security protocols such as IPSec and appropriate file-level ACLs or service-level permissions (such as database security). IPSec can provide secure separation between applications and protect the information passing over the network.
For more information about securing access to remote servers and services, see the following:
- Securing XML Web Services Created Using ASP.NET
- HTTP Security and ASP.NET Web Services
- Secure Your ASP.NET Apps And WCF Services With Windows CardSpace
- Step-by-Step Guide to Internet Protocol Security (IPSec)
- TechNet IPSec White Papers
Now continue to the next task: Install the Sample Applications.