Figure 1: Architecture of SE servers
The SE Manager of each MU enables you to operate and manage all components of the SE server centrally. The SE Manager offers a user-friendly, web-based user interface for this purpose.
The Net Unit offers maximum performance and security for internal communication in an SE server and for a connection to customer networks (IP networks).
Security-relevant actions
The following settings and measures, which are relevant to security, must only be implemented on one MU of the SE server configuration:
You can configure user accounts and assign individual authorizations for operator accounts. See section "Role strategy and user accounts".
To use centrally managed accounts (LDAP accounts), you have to set up and configure an LDAP access, see section "Configuring access to an LDAP server"
The following settings and measures, which are relevant to security, must be implemented on each MU of the SE server configuration:
You must define the configuration of the IP addresses and networks in the same way for both MUs, see chapter "Network security".
You must define the security settings for service access on each MU, see section "Using the "shadow terminal" function" and section "Access to external assets".
At each MU where you call the SE Manager, you must confirm or import the certificate of this MU, see section "Digital certificates".