MQ Enterprise Security Suite Overview
The MQ Enterprise Security Suite (MQESS) is a new solution that provides authentication and data protection (Channels and Queues) for WebSphere MQ.
MQ Enterprise Security Suite is comprised of:
- MQ Authenticate Security Exit for Authentication
- Authenticate a user against the server's native OS (or against a File) or a remote LDAP server
- Support for Proxy UserIDs
- Allow or restrict the incoming 'IP address', 'UserId', 'SSL DN' & 'AD Server Name'** against a regular expression pattern
- Reject the incoming 'IP address', 'UserId', 'SSL DN' & 'AD Server Name'** against a regular expression pattern
- Allows or restricts the incoming AD server name against a regular expression pattern (Windows only)
- Limit the number of incoming channel connections on a SVRCONN channel.
- Allow or restrict the use of 'mqm', 'MUSER_MQADMIN' or 'QMQM' UserIDs
- Includes a CHAD exit used to secure cluster channels
- Ability to turn off server-side authentication
- Provides monitoring tool tie-in by using custom MQ event messages
- Provides logging capability for all connecting client applications regardless if they were successful or not.
- MQ Channel Encryption for Data Protection for Channels
- Can be configured as either queue manager to queue manager or client application to queue manager solution
- For both modes, all message data flowing over a channel will be encrypted (nothing missed or forgotten)
- Secure encryption/decryption methodology using AES with 128, 192 or 256-bit keys
- Easy to set up and configure (unlike SSL)
- No application changes required
- Uses the SHA-2 to create a cryptographic hash function (digital signature)
- Standard MQ feature, GET-with-Convert, is supported
- Provides high-level logging capability for encryption / decryption processing
- MQ Message Encryption for Data Protection for Queues
- All message data written to a selected queue will be encrypted (nothing missed or forgotten)
- Secure encryption/decryption methodology using AES with 128, 192 or 256-bit keys
- Easy to set up and configure (unlike SSL)
- No application changes required
- Standard MQ feature, GET-with-Convert, is supported
- Provides high-level logging capability for encryption / decryption processing
- Major features are:
- Major features are:
- Major features are:
MQESS will operate with WebSphere MQ v6.0 or v7.0 in Windows, IBM i (OS/400), Unix and Linux environments.
Pricing
- The MQESS server-side components are provided in the format of a native DLL / shared library and are currently available for AIX, HP-UX, IBM i (OS/400), Linux, Solaris and Windows. The pricing of MQESS is on a 'per queue manager' basis.
| Operating System | WMQ v6.0, v7.0, v7.1 & v7.5 |
| AIX v5.3, v6.1 & v7.1 | 64-bit |
| HP-UX IA64 v11.23 or higher | 64-bit |
| HP-UX RISC v11.00 & v11.11 | 64-bit |
| IBM i 5.4 & 6.1 & 7.1, i5/OS V5R3 & OS/400 | 64-bit |
| Linux x86 | 32-bit |
| Linux x64 | 64-bit |
| Linux on POWER | 64-bit |
| Linux on zSeries | 64-bit |
| Solaris SPARC v8, v9, v10 & v11 | 64-bit |
| Solaris x86_64 v10 & v11 | 64-bit |
| Windows NT, 2000, 2003, 2008, XP Pro & 7 | 32-bit |
- The MQESS client-side components are included for FREE and can be distributed to an unlimited number of remote servers or PCs with MQ client applications (the user only pays for the server-side licenses).
| Product | Price (USD) * | Ordering |
| MQ Enterprise Security Suite (per license**) | $999.00 | |
| Yearly maintenance and support fee | 15% | |
| Total | $1149.00 | Order Now |
* Volume discounts available for as low as $799.00 USD per license plus 15% yearly maintenance and support fee.
** MQ Enterprise Security Suite is licensed on a per queue manager basis.
- Each licensed user will receive:
- Full version of MQ Enterprise Security Suite
- Free updates / upgrades to any version 1.x release.
- Free email/ Help Desk support
| Enterprise License for MQ Enterprise Security Suite: |
| Enterprise License for MQ Enterprise Security Suite sells for $180,000 USD plus 15% yearly maintenance and support fee. An enterprise license will allow a company to have unlimited number of queue managers use MQESS at an unlimited number of locations. |