This topic describes the BMC Remedy AR System security architecture.
The IT environment and network infrastructure in which your BMC Remedy AR System runs must be properly secured and include standard IT network security tools and systems such as firewalls and intrusion detection systems (IDS).
The BMC Remedy AR System architecture is multi-tiered; it consists of a Presentation layer, a Logic layer, and a Data layer as shown here.
BMC Remedy AR System security architecture diagram
(Click the image to expand it.)
The Presentation layer consists of the web browser client connected to the mid tier with secure socket layer (SSL) encryption. You must implement SSL to secure the connection between the browser and the web server. BMC supports any SSL version that is supported by the HTTP web services vendors listed in the BMC Remedy AR System Compatibility Matrix (see Checking system requirements and supported configurations).
The Logic layer includes instances of a mid tier, a JavaServer Pages (JSP) engine, a web server, and the BMC Remedy AR System server. The JSP engine and accompanying servlets provide dynamically generated HTML and XML documents in response to web client requests. The mid tier installer includes and can automatically install a bundled version of the Tomcat web server.
The mid tier translates client requests, interprets responses from the BMC Remedy AR System server, handles web service requests, and runs server-side processes that present BMC Remedy AR System functionality to the client from the BMC Remedy AR System server. The server executes workflow and business logic that define all BMC Remedy AR System applications. Because all BMC Remedy AR System clients are API-based, turning on encryption ensures that all interactions with the server are encrypted.
The Data layer consists of one or more databases, which perform data storage and retrieval functions. The BMC Remedy AR System server connects to the Data layer using database client API libraries. The server can work with the database encryption libraries used to protect data that is transmitted between the server and database.