Implementing secure gateway server for ServiceDesk Plus

Implementing secure gateway server for ServiceDesk Plus

As per the RBI guidelines, FOS and Secure Gateway Server features are mandatory for all hosted software used in the banking domain. We can achieve a service gateway server in the service desk plus by following the below steps:
Steps to Integrate with NGinx Server:

  • What is NGinx server? NGINX is a web server that also acts as an email proxy, reverse proxy, and load balancer.

 

 

  • We need to install nginx server in the Separate server which is in the DMZ Zone

 

  • Extract the downloaded zip file.

 

  • After extracting the zip file, need to modify the nginx.conf file to enable URL restriction for mobile apps.

 

  • Open the nginx.conf file which is available under "nginx/conf/" directory.

 

  • Replace the nginx.conf file with the below configuration file.

                   Nginx Configuration file: refer to the nginx attached file

 

Refer to the below configurations to configure the NGinx server's port.

  server {
      # Below to change the nginx server's port
        listen       80; 
  #Refer to the below configuration to configure the nginx domain

  • Refer to the below configurations to configure the ServiceDesk Plus server name/IP and port in nginx.conf file. For Example,

upstream internalserver {
    server 192.168.18.280:8080;
}
  # Default is HTTP Mode
  location ~ /api/v3/requests/([0-9]+) {
     if ($request_method = GET) {
          proxy_pass http://internalserver;  
     }
           if ($request_method = PUT) {
          proxy_pass http://internalserver;  
     }
           if ($request_method = POST) {
          proxy_pass http://internalserver;  
     }
  
  }
#If you wish to change to HTTPS Mode change all the proxy_pass http://internalserver to https://internalserver
     location ~ /api/v3/requests/([0-9]+) {
     if ($request_method = GET) {
          proxy_pass https://internalserver;  
     }
           if ($request_method = PUT) {
          proxy_pass https://internalserver;  
     }
           if ($request_method = POST) {
          proxy_pass https://internalserver;  
     }
}
  

  • Refer to the below configurations to run the nginx server in https mode.

    

  # HTTPS server
    
    server {
        listen       443 ssl;
        server_name  localhost;
       # If you place crt and key files under nginx\conf folder then we also use the path "\nginx\conf\cert.crt"
        ssl_certificate      cert.crt;
        ssl_certificate_key  cert.key;
 
        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;
 
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;
 
        location / {
           proxy_pass://localhost:8080;
 
        }
}

  • Start the nginx server

 

     Open the command prompt, under the nginx server installed directory and execute the below command.

                                Command: start nginx.exe (or) start nginx

     Use the below command to shutdown the nginx server

                                Command for fast shutdown: nginx -s stop  

        Command for graceful shutdown: nginx -s quit 

Note:

  • Refer to the below configurations to configure the ServiceDesk Plus server name/IP and port.

 

location /api/v3/mobile_devices  {
    # Below to configure the servicedeskplus server details
     proxy_pass  http://192.168.19.35:8080;
}

  • Refer to the below configurations to redirect the mobile app URLs to ServiceDesk Plus server.

 

location /api/v3/app_resources/authenticate {
     proxy_pass http://192.168.19.35:8080;
}
# whitelist the api/v3/solutions (GET) by below configuration
location ~ /api/v3/solutions/([0-9]+) {
    if ($request_method = GET) {
     proxy_pass http://localhost:8080;  
    }
}
# Other url's are blacklisted by using below configuration
location / {
    # block this url Or redirect to error page
   proxy_pass http://192.168.19.35:8080/jsp/pagenotfound.jsp;
}
        New to M365 Manager Plus?
        New to M365 Manager Plus?
          New to RecoveryManager Plus?
          New to RecoveryManager Plus?
            New to Exchange Reporter Plus?
            New to Exchange Reporter Plus?
              New to SharePoint Manager Plus?
              New to SharePoint Manager Plus?
                  See all integrations
                  New to ADManager Plus?

                    New to ADSelfService Plus?

                    Start your free trial

                      • Related Articles

                      • Best Practices to Secure the application (ServiceDesk Plus - MSP & Supportcenter Plus)

                        This document is common for ServiceDesk Plus MSP and Supportcenter Plus application Best practices to avoid threats: Upgrade to the latest version and builds. Reset the password of bundled accounts (administrator and guest) Enable two-factor ...

                      • How to integrate ServiceDesk Plus MSP with WhatsApp business.

                        This article provides steps for integrating ServiceDesk plus MSP with WhatsApp (business). Note: This integration is compatible with versions 14600 & above. Before you begin, ensure you've reviewed the following prerequisites: Ensure your ServiceDesk ...

                      • How do I host ServiceDesk Plus MSP on the internet?

                        In order to make ServiceDeskPlus – MSP available for users in Internet, let us assume the following scenarios.   Scenario 1: ServiceDesk Plus – MSP is installed in LAN and should be available in LAN and WAN: Assume ServiceDesk Plus – MSP is installed ...

                      • Linux to Windows server migration

                        The following instructions will help you migrate the ServiceDesk Plus MSP from Windows to Linux Server 1. Goto the installation folder. [The default installation folder is Drive:/AdventNet/ME/ServiceDesk/. The installation folder will now be referred ...

                      • How do I move ServiceDeskPlus – MSP from one server to another server?

                        Following are the steps to move data from the existing server to a new server.  Before you start, click stop fetching under Admin->Mail Server Settings->Incoming in your existing instance. So that the mails in the servicedesk mailbox will be fetched ...

                        Related Products