Securing SMS Gateway

By securing SMS Gateway, you can reduce your exposure to vulnerabilities such as denial-of-service attacks. Configuring security is especially important if you deploy SMS Gateway to a public cloud because it can be accessed by anyone that can send a REST request.

• Connecting through a forward proxy server

  If your organization requires that connections pass through forward proxy servers, configure the proxy server for connections to the SMS provider and the Watson Assistant service.

• Configuring authentication for the SMS provider webhook

  The webhook that you configure in your SMS provider connects it to SMS Gateway so they can exchange information using HTTP requests. For additional security, you can configure HTTP Basic authentication for the webhook in the SMS Gateway configuration.

• Configuring authentication for the REST API

  You can configure HTTP Basic authentication for the REST API that controls SMS sessions. When authentication is configured, you must authenticate to send any REST requests.

• Configuring SSL and TLS encryption

  You can secure connections between SMS Gateway, the SMS provider, and Watson Assistant using SSL and TLS encryption. Note that because SMS providers typically don't support self-signed certificates, you must purchase a certificate from a well-known certificate authority that is trusted by your SMS provider.

• Configuring TLS for the XSLD caching server

  Highly available SMS Gateway environments require a WebSphere® eXtreme Scale Liberty Deployment (XSLD) distributed caching server. You can secure connections between the XSLD instances and between the XSLD instances and SMS Gateway by configuring TLS encryption for the XSLD instances.