Privacy

IBM® software products, including software as a service solutions, ("Software Offerings") might use cookies or other technologies to collect product usage information, to help improve the user experience, to tailor interactions with the user, or for other purposes. In many cases no personally identifiable information is collected by the Software Offerings. Some of our Software Offerings can help you to collect personally identifiable information. The information that follows is specific to this Software Offering.

The IBM MQ protocol requires full duplex data flows over HTTP. To satisfy this requirement, the HTTP features of IBM MQ Internet Pass-Thru use cookies to coordinate pairs of related network connections. These cookies record the following information:

• An anonymous session identifier
• The MQIPT route destination IP address or DNS host name
• The MQIPT route destination TCP/IP port number

Use of HTTP is disabled by default. If HTTP is enabled, cookies are required for correct MQIPT operation.

MQIPT can optionally record connection log files of network connections. These files might include the following information:

• IP addresses and DNS host names
• TCP/IP port numbers
• Digital certificate identity information (but not private keys)
• Additional information logged by security exits or certificate exits, if they are used. IBM supplies some sample exits with MQIPT which record IP addresses, DNS host names, TCP/IP port numbers and IBM MQ channel names. We can also use other exits which might record other details. By default, no exits are enabled.

The connection log is an optional feature of MQIPT. It is disabled by default, although it is enabled in the supplied sample configuration file mqiptSample.conf. Any configuration based upon the sample is therefore likely to use a connection log. The connection log can be disabled by setting the ConnectionLog property to false in the [global] section of mqipt.conf. Connection log files are never automatically transferred outside the system where MQIPT is running; they are only written to the local disk.

MQIPT can also optionally record trace files for problem diagnosis. These files might include the following information:

• IP addresses and DNS host names
• TCP/IP port numbers
• Digital certificate identity information (but not private keys)
• IBM MQ object names, such as queue manager names, channel names, and queue names
• The content of any IBM MQ messages that flow through MQIPT (except in SSLProxyMode routes when the connections are encrypted)

The trace facility is an optional feature of MQIPT that is disabled by default. Trace can also be disabled in mqipt.conf by removing all Trace lines or changing all Trace lines to Trace=0 (where zero indicates that trace is disabled). Trace files are never automatically transferred outside of the system where MQIPT is running; they are only written to the local disk.