Frequently asked Questions

The following Sterling Secure Proxy frequently asked questions and answers provide you general and frequently used or required installation, configuration, and replication-related information.

IBM Sterling Secure Proxy

IBM Sterling Secure Proxy (SSP) helps shield your trusted network by preventing direct connectivity between external partners and internal servers. It can secure your network and data exchanges at the network edge to enable trusted business-to-business transactions and Managed file transfer (MFT) file exchanges. As a demilitarized zone (DMZ)-based proxy, Sterling Secure Proxy uses multi-factor authentication, SSL session breaks, the closing of inbound firewall holes, protocol inspection, and other controls to ensure the security of your trusted zone.

Read the following Sterling Secure Proxy frequently asked questions and answers.

What are sterling secure proxy and sterling External Authentication servers?

Sterling Secure Proxy and Sterling External Authentication Server

Sterling Secure Proxy 6.0.x series and Sterling External Authentication Server 6.0.x series deliver features and enhancements that improve security for your organization’s MFT file exchanges and provide containers to simplify hybrid cloud deployments.

Certified containers. Take advantage of certified containers to simplify the deployment of Sterling Secure Proxy and Sterling External Authentication Server on hybrid cloud infrastructures. Sterling Secure Proxy certified containers are built to Kubernetes standards and qualified on the Red Hat OpenShift Container Platform.

How Sterling Secure Proxy and Sterling File Gateway Work Together?

Sterling Secure Proxy can be used as a proxy with Sterling File Gateway and other HTTP applications and supports a single sign-on connection. Single sign-on (SSO) provides access control that allows a user to log in once to Sterling Secure Proxy, using the HTTP protocol, and then gain access to Sterling File Gateway without logging in again. SSO bypasses normal user authentication in Sterling File Gateway and trusts that Sterling Secure Proxy has authenticated the user.

After you set up the basic single sign-on configuration, trading partners can communicate in a secure environment that provides authentication. The trading partner first connects to Sterling Secure Proxy which then connects to Sterling File Gateway on behalf of the trading partner.

What are the new features and enhancements for sterling secure proxy?

you can now pull container images from IBM Entitled Registry. For more information, refer to Downloading the Certified Container Software and Downloading the Docker image.
You can download helm charts from the IBM repository now. For more information, refer to Downloading the Certified Container Software.
IBM Certified Container Software will be valid till May 2022.
Dynamic provisioning support is added in IBM Certified Container Software. For more information refer to Creating storage for Data Persistence and Creating Secrets.
Licensing and Metering are supported using IBM License Operator. For more information refer to IBM Licensing and Metering service.
The Port range for adapter support has been extended with this release.

Now, support to preserve the client source IP has been extended. For more information, refer to Configuring- Understanding values.YAML.

What are the components of sterling secure proxy Architecture?

The components of the Secure Proxy architecture are:

Secure Proxy Engine—the engine resides in the DMZ and contains the minimum components necessary to manage communications sessions. The engine configuration (Secure Proxy engine properties) is created at Configuration Manager and pushed to the engine. It is stored in active memory and is never stored on a disk in the DMZ. No web services or UI ports are open in the DMZ.
Configuration Manager (Secure Proxy CM)—Configuration Manager is installed in the trusted zone. Use this tool to configure your environment. When you save a configuration definition (Secure Proxy configuration store) at CM, it is pushed to an engine, using an SSL session. Configuration files are encrypted and stored on the computer where CM is installed.

How to Install or Upgrade Sterling Secure Proxy on UNIX or Linux?

Before you install Sterling Secure Proxy, review the system requirements. Confirm that your system meets all requirements. Follow the procedures to install or upgrade Sterling Secure Proxy.

Verify your installation by starting CM and the engine, and ensuring that they can communicate.

What are the secure proxy property files?

The IP and port number to listen on for connections from Configuration Manager
SSL key certificate, trusted certificate, and encryption cipher used for the connection from Configuration Manager.

What is the configuration stored in Secure proxy

Secure Proxy configuration store is the file is encrypted on disk and contains the following information:

- The user store with information on user credentials
- The system certificate store with the certificates used for SSL/TLS sessions
- The key store with the SSH keys
- The engine configuration store with all configuration information for the engine.

What are the components of the IBM Sterling Secure Proxy?

There are 3 components of IBM Sterling Secure Proxy (SSP Engine (SSP), SSP Configuration Manager (SSPcm), and Perimeter Server (PS)). SSP can also make use of the IBM Sterling External Authentication Server (SEAS).

What are the latest versions of IBM Sterling secure proxy?

Latest releases of IBM Sterling Secure Proxy 6.0.x and IBM Sterling External Authentication Server 6.0.x

These Versions release the new features,

Pragma Edge Webhooks – FAQ

Pragma Edge Webhooks – Infographic

API Connect

Data Processing
Machine Learning

Jarvis (PJM)

Community Manager

FileGPS

Webhooks

Advanced Data
Capture

B2Bi - MFT Gateway

FileGPS

DPML

Jarvis

Our Story

Our Partners

Become A Partner

Careers

Our Blog

Write for us

Frequently asked Questions

IBM Sterling Secure Proxy