Create a VPN to provide security for developers to use software

From an enterprise perspective, managers and supervisors often view the internet and the cloud as loose, insecure systems that open the door to potential vulnerabilities. In this article, Jean-yves Rigolet will introduce the IBM http://www.aliyun.com/zixun/aggregation/13696.html ">smartcloud Enterprise How enterprise Development tools run in your environment securely access back-end systems behind your company's firewall. Then introduce a way to set access security for members of the development team.

We know how important your machines, business data, and the security of all IT systems are, and they should never worry. Open a door to the back-end system to allow access from the development environment, which should not have any impact on the security above.

We also recognize that you are eager to simplify the setup, deployment, and maintenance of your development environment for your team, so having a cloud infrastructure can help. But using a cloud infrastructure that is tightly connected to a system within an enterprise may worry you about security. However, there are ways to secure such a hybrid IT infrastructure.

This article describes how to securely access your back-end systems from a development environment located in the cloud. We do not cover all aspects and forms of security involved in preparing the development environment for the team. We will focus on the necessary connections between your private infrastructure and the virtual machines hosted and hosted on the public cloud infrastructure.

First, you'll learn how to use OpenVPN, a well-known open-source SSL virtual private networking software from the Rational Integrated development Environment (IDE) on the Ibm®smartcloud Enterprise infrastructure, You can safely access your own private systems, including IBM power Bae, or even mainframes. You will then learn how to industrialize this approach and provide your own protected cloud image for use by the development team.

Although the cloud mirroring used in this article runs Ibm®rational®developer for system z® in a Red Hat Enterprise Linux 6.3 (64-bit) operating system, you can easily adjust the settings we use. To fit other mirrors (such as Rational®application Developer, Rational®software Architect for Websphere®software, or Rational®developer for Power Bae Software™). Of course, you can also use other operating systems (such as SUSE Linux Enterprise Server).

Securing access to back-end systems

The first thing you need to ensure is that you have a OpenVPN server installed, and it is running on your own machine. This article does not describe how to install it, but it is a prerequisite for performing all work on the client.

After ensuring that the backend system is properly protected, a running cloud hosting system is also required. To do this, you can access the SmartCloud Enterprise portal and create an instance from the directory.

The next step is to configure and test the security access for the system from an instance running from a cloud environment.

Figure 1 provides an overall view of the resulting schema.

Figure 1. The architecture of a secure connection between the Cloud desktop client and the back-end system