Configuring Security Groups When iProcess Workspace (Browser) Is used to Connect to iProcess Engine
To connect to iProcess Engine from iProcess® Workspace (Browser), perform the following steps to configure security groups.
| 1. | Start an AVM in your Virtual Network. |
| 2. | Name the created virtual machine as avm-OracleServer. Install the Oracle Database Server on this virtual machine. |
| 3. | Start a second AVM in your Virtual Network. |
| 4. | Name the created virtual machine as avm-iPETomcat. Install iProcess Engine and iProcess Workspace (Browser) on this virtual machine. |
| 5. | Create security groups for the two Azure Virtual Machines: |
| — | Create nsg-OracleServer for avm-OracleServer instance. |
| — | Create nsg-iPETomcat for avm-iPETomcat instance. |
| 6. | Configure nsg-OracleServer |
-
Specify a custom TCP rule so that only machines (on an external domain) can access the Oracle Database Server (The default port is 1521.)
-
Specify a rule on avm-OracleServer for iProcess Engine to communicate with the database server.
-
Specify a rule on avm-iPETomcat for the database server to communicate with iProcess Engine.
-
Specify a custom TCP rule so only client machines on an external domain can access the iProcess Workspace (Browser) (The default port is 8080.)
|
Priority |
Name |
Source |
Destination |
Service |
Action |
|
200 |
default-allow-rdp |
Any |
Any |
Custom (TCP/3389) |
Allow |
|
300 |
AllTCP |
192.0.2.0/32 |
Any |
Custom (Any/Any) |
Allow |
Outbound Security Rules
|
Priority |
Name |
Source |
Destination |
Service |
Action |
|
100 |
AllTCP-outbound |
Any |
Any |
Custom (Any/Any) |
Allow |
After configuring these security groups, your setup looks something like the following illustration.
