The purpose of this guide is to introduce the reader to the MyPass Gateway server and its function, as well as the requirements and procedure for deploying a single gateway server (or multiple gateway servers) within the customer network.
The MyPass Password Manager Gateway (often referred to as the MyPass Gateway) is the core integration component that allows secure remote communications between the MyPass Password Manager and on-premise / cloud customer credential repositories.
The MyPass Gateway creates a secure channel to allow interaction with credential repositories as well as smart email routing to hosts within the customer network for notification purposes.
How does it work?
The MyPass Gateway functions by creating a secure communications channel between the MyPass Password Manager solution and the customer's internal environment. All password reset operations issued via the MyPass Web Client are securely sent to the MyPass Gateway for local delivery to target systems. In this way the MyPass Gateway can issue secured or unsecured password reset transactions within the boundaries of the customer environment, while all sensitive content is transmitted via the secure channel between the MyPass Password Manager and the MyPass Gateway.
This, however, is not the complete story, since the MyPass Gateway is also intelligent enough to route SMS and email traffic (if required) to local customer smart hosts for safe delivery.
All communications between the MyPass Password Manager solution and the MyPass Gateway are encrypted using SSL certificates. It is, however, recommended that all machines used as MyPass Gateway servers are patched and scrutinized for security optimizations, and that special care is taken over the secure storage of user account and password details relating to the operation of the server.
For more “Security Hardening” guidance relating to the MyPass Gateway, refer to the following article.