PolicyCenter and secure communications

A strong password policy is the first and best line of defense. Guidewire also recommends the following:

• Encrypt the communication between the Internet and the PolicyCenter server or cluster.
• Configure a separate server to act as an intermediary layer between the Internet and any PolicyCenter server or servers. Typically, you locate this intermediary server in a DMZ that you establish through your network architecture.

If you off-load encryption to a server, understand that non-native encryption processing is not as efficient. Native applications generally use optimized encryption modules.

You can use a web server or proxy both to encrypt communications and to provide a layer between the Internet and a PolicyCenter server. Computer network terminology generally calls a server working as an intermediary in this manner a reverse proxy. There are multiple methods you can use to achieve an encrypted proxy solution.

See also

• The PolicyCenter connection address