outside connections

[Kevin Scantlan]

We are starting to have an increase in demand for interfaces outside of our institution.  Security is a big issue and I wanted to see how others in the Quovadx communitiy are dealing with outside entities.  I see 3 solutions:

1.  The outside entity has a gateway set up within our border firewall.  We send messages to that server.  That server then sends out those messages to their application often via https. The engine only communicates with that gateway.  We have a number of these set up.

2.  Set up a VPN and have the engine communicate directly with the server that sits outside.  We have 1 interface set up that way.

3.  Set up our own gateway which runs Cloverleaf in the DMZ.  The main engine only communicates with our gateway for those outside entities.  The gateway then connects to the outside entities.

Our Security Officer is pushing for #3 believing it’s more secure.  What has been your experience and what is working for you?

Thanks.

Topic

[James Cobane]

Kevin,

In our environment, we have a mix of options 1 & 2 (10 – 20 interfaces).  Both options seem to function well, and it really comes down to the external system’s connectivity capabilities.  Another option you may want to investigate is the “Cloverleaf Secure Courier” (formerly Secure Object Client).

From the User Group presentation:

The Cloverleaf Secure object Client (formerly SoC) is a small

[Author]

Replies