1 / 15

Web Services Enhancements

Learn about service enhancements, security measures, and best practices for running reports, tasks, and background processes. Understand how to control ESS access and secure your application server effectively.

ginas
Download Presentation

Web Services Enhancements

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Web Services Enhancements Webinar 2/23 & 2/26

  2. Agenda • AE Application Server/Service Enhancements • MS SQL Browser Application Security • Errors many vendors make • Controlling ESS Access via IIS

  3. AE Service Components • Service Components • AutoTask • Running reports, tasks, communications • Background Processes • Data processes • Timecard calculations • Communication Server • Real-Time data collection

  4. Existing Server Layout IIS Servers SQL Servers Application Server • AutoTask • Running reports, tasks, communications • Background Processes • Data processes • Timecard calculations • Communication Server • Real-Time data collection

  5. Distributed Processing AutoTask - Running reports, Tasks, Communications Background Processes - Data processes, Timecard calculations Communication Server- Real-Time data collection

  6. Enhanced Server Layout IIS Servers SQL Servers Application Servers AutoTask Server Background Processing Server Communication Server

  7. Advantages • Ultimate in scalability • Lower total cost of ownership • 100% redundancy = 24/7

  8. MS SQL Security • Microsoft Security Holes • Browser app written in .asp • Default.ASP page • Contains authentication – Connectivity Information • ASP is not encrypted • Low Isolation NOTE: ASP can utilize obfuscated secrets

  9. ASP Pages

  10. What is Low Isolation? MS SQL Server ISAPI, DLL’s & ADO High ASP Pages Medium IIS Service / Process Low Web Server

  11. Advantages of High Isolation • If Server fails, service isn’t affected • If Service (AeWebLoader) fails, Server doesn’t shutdown • Further removed from IIS process = more security Note: High Isolation does slow down service a little

  12. Controlling ESS Access Internet Information Services

  13. Directory Security

  14. Deny / Grant IP or PC

  15. Summary • Distributed Application Server • Ultimate in Scalability • Only supported in Enterprise Edition • Microsoft secure development strategy • ISAPI vs. ASP (typical) • Securing ESS accessibility

More Related