Mendelson AS2 and DMZ

Profile picture for user nbedar

Hi
We just got Mendelson AS2 to create an interface between our ERP system and a third party, and would like to understand how to use a DMZ with Mendelson AS2?
If Mendelson AS2 is installed in the DMZ,
- does it mean the data is in the DMZ zone and can be accessed by the public?
- how to access inbox and outbox folders?

Your help is appreciated.

Thanks
Nadeem Bedar


Comments

Profile picture for user service

nbedar,

if the system runs in your DMZ there should be no way to access the data from outside. All ports/access should be closed, this is the DMZ concept?

Regards

Profile picture for user nbedar

In reply to by service

Hi
I think there are two firewalls in a DMZ: an internal firewall where we open the ports to communicate with the ERP system, and an external firewall where we open the ports to communicate with the third party outside.
But I still have the same questions I asked in the main post.

Any suggestions?

Thanks
Nadeem

Profile picture for user service

nbedar,

To send received data from inside a DMZ to another place which might be somewhere in your company you could use the AS2 protocol. You already have a mendelson AS2 system inside your DMZ! Just install another instance of mendelson AS2 on the final receiver's system where your ERP is located.
Let's call the message sender "SENDER", the system inside the DMZ "DMZ" and the final receiver (ERP, backend, outside the DMZ) "ERP".

Every message that comes in at DMZ with the relationship SENDER -> DMZ calls an event that moves the received data to the outbox folder for the relationship DMZ -> ERP.
The system in the DMZ (DMZ) will then poll this outbound directory and send it to the final receiver (ERP).

As the used protocol is AS2 you don't have to care for your firewall and security as all this is already set up in the DMZ - and it is secure and reliable as you are using the AS2 protocol.
If you need additional "routing" conditions you could also use the AS2 message subject or something similar to send the received data in DMZ to several different mendelson AS2 receiver systems (ERP1, ERP2, ERP3...).

If you are using OFTP2 this is easier as OFTP2 supports data routing already on the protocol level - but the architecture is the same. In this case just use mendelson OFTP2 systems instead of mendelson AS2 systems for the routing process out of the DMZ to the ERP systems.

Regards
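
The hand-off described in the reply above (a receive event on SENDER -> DMZ that moves the file into the outbox polled for DMZ -> ERP, routed by message subject), sketched as an added example that is not mendelson's code and not part of the original post. The directory layout, the routing table, and the way the event supplies the partner-sent filename and subject are all assumptions; the file is staged and then renamed so the poller never sees a partial file, and the partner-supplied name is reduced to a safe basename.

```python
import os
import re
import shutil
import uuid
from pathlib import Path

# Hypothetical routing table: keyword in the AS2 subject -> receiving partner.
ROUTES = {"INVOICE": "ERP1", "ORDER": "ERP2"}
DEFAULT_PARTNER = "ERP1"


def safe_name(original_name: str) -> str:
    """Reduce a partner-supplied filename to a harmless basename."""
    base = os.path.basename(original_name.replace("\\", "/"))
    base = re.sub(r"[^A-Za-z0-9._-]", "_", base).lstrip(".")
    if not base:
        raise ValueError("unusable filename: %r" % original_name)
    return base


def pick_partner(subject: str) -> str:
    """Choose the DMZ -> ERPn relationship from the message subject."""
    upper = subject.upper()
    for keyword, partner in ROUTES.items():
        if keyword in upper:
            return partner
    return DEFAULT_PARTNER


def route(received: Path, original_name: str, subject: str, root: Path) -> Path:
    """Move a received payload into the outbox of the chosen relationship.

    Assumed layout: <root>/<partner>/outbox is the polled directory and
    <root>/<partner>/staging is a sibling on the same filesystem.
    """
    partner = pick_partner(subject)
    outbox = root / partner / "outbox"
    staging = root / partner / "staging"
    outbox.mkdir(parents=True, exist_ok=True)
    staging.mkdir(parents=True, exist_ok=True)

    # Unique prefix so a repeated filename never overwrites a pending message.
    name = "%s_%s" % (uuid.uuid4().hex[:8], safe_name(original_name))
    tmp = staging / name
    shutil.copy2(received, tmp)   # full copy lands outside the polled dir
    final = outbox / name
    os.replace(tmp, final)        # atomic rename: poller sees all or nothing
    received.unlink()             # leave no copy of the payload behind
    return final
```
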