Administer > Hardening > Configure secure access to the OMi reverse proxy

Configure secure access to the OMi reverse proxy

This section describes the security ramifications of reverse proxies and contains instructions for using a reverse proxy with OMi.

This section discusses only the security aspects of a reverse proxy. It does not discuss other aspects of reverse proxies, such as caching and load balancing.

A reverse proxy is an intermediate server that is positioned between the client machine and the web server(s). To the client machine, the reverse proxy seems like a standard web server that serves the client machine’s HTTP or HTTPS protocol requests with no dedicated client configuration required.

The client machine sends ordinary requests for web content, using the name of the reverse proxy instead of the name of a web server. The reverse proxy then sends the request to one of the web servers. Although the response is sent back to the client machine by the web server through the reverse proxy, it appears to the client machine as if it is being sent by the reverse proxy.

OMi supports a reverse proxy in DMZ architecture. The reverse proxy is an HTTP or HTTPS mediator between the OMi data collectors/application users and the OMi servers.

Reverse proxy configuration

The use of a reverse proxy is illustrated in the diagram below. Your data collectors may access OMi through the same virtual host or a different virtual host as your application users. For example, your environment may use one load balancer for application users and one load balancer for data collectors.

Reverse proxy OMi support should be configured differently in each of the following cases:

Scenario # OMi Components Behind the Reverse Proxy
1 Data collectors (SiteScope, Data Flow Probe, OpsCx, Operations Agent)
2 Application users
3 Data collectors and application users