Expand my Community achievements bar.

SOLVED

AEM Functionalities

Avatar

Level 10

Hi,

Kindly suggest whether the following features are supported by AEM 6.1/6.2:

  1. Internationalization:: Can add new languages, for example, Chinese (PRC), Chinese (Taiwan), German
  2. Multiple platform publishing: Could AEM publish to any any system, other than a Publisher?
  3. Security monitoring and management: login/ operation/ system log (real-time display, and log download)
  4. AEM does mitigate Denial of Service (DoS) Attacks. Will it also handle DDOS (Distributed Denial of Service)?

  5. Does AEM Prevent malicious file upload?
  6. Does AEM Support direct HTML input, to quickly generate page? May be by putting this HTML code in the page component?

Appreciate your help.

Thanks,

Rama.

1 Accepted Solution

Avatar

Correct answer by
Level 8

My thoughts below:

  1. Internationalization - the tool will support as many languages as you want. If you talking about adding additional language for sites you manage in the tool see the translation and multi-site manager sections of the documentation (https://docs.adobe.com/docs/en/aem/6-2/administer/sites/translation.html and https://docs.adobe.com/docs/en/aem/6-2/administer/sites/msm.html). If you mean adding additional languages to the administration tool - either in the consoles or in your custom dialogs see https://docs.adobe.com/docs/en/aem/6-2/administer/sites/translation.html.
  2. Publishing - out of the of the box the only other target supported for replication is the Static Agent which you can configure to generate static resources which can then be transferred to some other system (the transfer is something custom you have to set up).  See this page for info on that. In addition there are several other methods for making content available to other systems:
    1. Once you replicate to Publish other systems can directly access content from publish - either as HTML fragments or JSON for example. 
    2. You can also create custom replication agents with customer content builders that would integrate with other systems. This could become very complicated very quickly so I'd lean towards some sort of simply noticiation that new content is available and then let consuming application pull content via REST from publish. 
  3. Security management - See the documentation around operations monitoring (https://docs.adobe.com/docs/en/aem/6-2/administer/operations.html). There isn't much out of the box around security monitoring. You can however use something like Splunk or other log aggregaters to pull security metrics out of the logs (by configuring a specific log file that handles specific security related log categories. 
  4. AEM doesn't provide any specific functionality around DDOS attacks. Realistically that kind of protection has to happen well above the application layer at the edge of you network. What you can do is reduce the impact of a DDOS attack on an AEM system by following the measures documented in the standard security list (https://docs.adobe.com/docs/en/aem/6-2/administer/security/security-checklist.html). 
  5. Malicious file uploads - I don't know of anything out of the of the box. Generally that philosophy around things like cross site scripting is not prevent the upload, but to filter it out on display. Doesn't necessarily work with file uploads however. I have in the past integrated 3rd party products to workflows that handle this issue. 
  6. Direct HTML input - yes AEM can support this basically with a custom template that basically has one text field in the page properties that let's you copy and paste in the HTML of the page. It's not really best practice - it can lead to all sorts of bad things but you can definitely make it work.  

View solution in original post

2 Replies

Avatar

Correct answer by
Level 8

My thoughts below:

  1. Internationalization - the tool will support as many languages as you want. If you talking about adding additional language for sites you manage in the tool see the translation and multi-site manager sections of the documentation (https://docs.adobe.com/docs/en/aem/6-2/administer/sites/translation.html and https://docs.adobe.com/docs/en/aem/6-2/administer/sites/msm.html). If you mean adding additional languages to the administration tool - either in the consoles or in your custom dialogs see https://docs.adobe.com/docs/en/aem/6-2/administer/sites/translation.html.
  2. Publishing - out of the of the box the only other target supported for replication is the Static Agent which you can configure to generate static resources which can then be transferred to some other system (the transfer is something custom you have to set up).  See this page for info on that. In addition there are several other methods for making content available to other systems:
    1. Once you replicate to Publish other systems can directly access content from publish - either as HTML fragments or JSON for example. 
    2. You can also create custom replication agents with customer content builders that would integrate with other systems. This could become very complicated very quickly so I'd lean towards some sort of simply noticiation that new content is available and then let consuming application pull content via REST from publish. 
  3. Security management - See the documentation around operations monitoring (https://docs.adobe.com/docs/en/aem/6-2/administer/operations.html). There isn't much out of the box around security monitoring. You can however use something like Splunk or other log aggregaters to pull security metrics out of the logs (by configuring a specific log file that handles specific security related log categories. 
  4. AEM doesn't provide any specific functionality around DDOS attacks. Realistically that kind of protection has to happen well above the application layer at the edge of you network. What you can do is reduce the impact of a DDOS attack on an AEM system by following the measures documented in the standard security list (https://docs.adobe.com/docs/en/aem/6-2/administer/security/security-checklist.html). 
  5. Malicious file uploads - I don't know of anything out of the of the box. Generally that philosophy around things like cross site scripting is not prevent the upload, but to filter it out on display. Doesn't necessarily work with file uploads however. I have in the past integrated 3rd party products to workflows that handle this issue. 
  6. Direct HTML input - yes AEM can support this basically with a custom template that basically has one text field in the page properties that let's you copy and paste in the HTML of the page. It's not really best practice - it can lead to all sorts of bad things but you can definitely make it work.  

Avatar

Level 10

Hi,

All these answers are appropriate.

This has served my purpose well.

Thanks a million for this reply.

Thanks,

Rama.