Configuring Security Groups When iProcess Workspace (Browser) Is used to Connect to iProcess Engine
To connect to iProcess Engine from iProcess® Workspace (Browser), perform the following steps to configure security groups.
1. | Start an AVM in your Virtual Network. |
2. | Name the created virtual machine as avm-OracleServer . Install the Oracle Database Server on this virtual machine. |
3. | Start a second AVM in your Virtual Network. |
4. | Name the created virtual machine as avm-iPETomcat . Install iProcess Engine and iProcess Workspace (Browser) on this virtual machine. |
5. | Create security groups for the two Azure Virtual Machines: |
— | Create nsg-OracleServer for avm-OracleServer instance. |
— | Create nsg-iPETomcat for avm-iPETomcat instance. |
6. | Configure nsg-OracleServer |
-
Specify a custom TCP rule so that only machines (on an external domain) can access the Oracle Database Server (The default port is 1521.)
-
Specify a rule on avm-OracleServer for iProcess Engine to communicate with the database server.
-
Specify a rule on avm-iPETomcat for the database server to communicate with iProcess Engine.
-
Specify a custom TCP rule so only client machines on an external domain can access the iProcess Workspace (Browser) (The default port is 8080.)
Priority |
Name |
Source |
Destination |
Service |
Action |
200 |
default-allow-rdp |
Any |
Any |
Custom (TCP/3389) |
Allow |
300 |
AllTCP |
192.0.2.0/32 |
Any |
Custom (Any/Any) |
Allow |
Outbound Security Rules
Priority |
Name |
Source |
Destination |
Service |
Action |
100 |
AllTCP-outbound |
Any |
Any |
Custom (Any/Any) |
Allow |
After configuring these security groups, your setup looks something like the following illustration.