Configuring Security Groups When iProcess Workspace (Browser) Is used to Connect to iProcess Engine

To connect to iProcess Engine from iProcess® Workspace (Browser), perform the following steps to configure security groups.

1. Start an AVM in your Virtual Network.
2. Name the created virtual machine as avm-OracleServer. Install the Oracle Database Server on this virtual machine.
3. Start a second AVM in your Virtual Network.
4. Name the created virtual machine as avm-iPETomcat. Install iProcess Engine and iProcess Workspace (Browser) on this virtual machine.
5. Create security groups for the two Azure Virtual Machines:
Create nsg-OracleServer for avm-OracleServer instance.
Create nsg-iPETomcat for avm-iPETomcat instance.
6. Configure nsg-OracleServer
  1. Specify a custom TCP rule so that only machines (on an external domain) can access the Oracle Database Server (The default port is 1521.)

  2. Specify a rule on avm-OracleServer for iProcess Engine to communicate with the database server.

  3. Specify a rule on avm-iPETomcat for the database server to communicate with iProcess Engine.

  4. Specify a custom TCP rule so only client machines on an external domain can access the iProcess Workspace (Browser) (The default port is 8080.)

Inbound Security Rules

Priority

Name

Source

Destination

Service

Action

200

default-allow-rdp

Any

Any

Custom (TCP/3389)

Allow

300

AllTCP

192.0.2.0/32

Any

Custom (Any/Any)

Allow

Outbound Security Rules

Priority

Name

Source

Destination

Service

Action

100

AllTCP-outbound

Any

Any

Custom (Any/Any)

Allow

Note: 192.0.2.0/32 is used as an example IP address, replace this with your IP address.

After configuring these security groups, your setup looks something like the following illustration.