Best Practices Domino Security - Nash!

More documents

Recommendations

Info

Security for Paranoid Admins Only allow people to access servers listed in the Domino directory Be carefull in a multi-domain environment New settings in Server Access Section allow all users listed in Directory + extra Groups (e.g. Guests) Compare public keys Use password change intervals and password checking The first days after enabling this feature you might have a lot of hotline calls -> users with old public keys, settings, ... Restrict usage of single ports in the Notes.ini Allow_Access_portname=names Deny_Access_portname=names
Best Practices Reader Access Reader fields If there is a non-empty reader field you have to be listed in one of those by name or group membership This does also apply to servers and Admins!!! But does not apply to the Full Access Administrator in D6 ;-) Each database should contain an "AdminReadAccess" role This role should be given to all servers and admins to ensure replication & support Tip: Add a computed Author Field containing this role to ensure Admin/Server full access to all documents Author fields are "Read/Writers" fields and give document access also when reader fields a specfied.
Page 2 and 3: Best Practices Domino Security BP11
Page 4 and 5: Agenda General Considerations Hardw
Page 6 and 7: An holistic approach to Domino Secu
Page 8 and 9: Report Security Concerns/Bugs Don't
Page 10 and 11: Network Security Network infrastruc
Page 12 and 13: Secure Shell (SSH) Linux Normally i
Page 14 and 15: Notes.ID Password Security Sadly th
Page 16 and 17: Password Quality Checking Use passw
Page 18 and 19: Security by Obscurity Hiding inform
Page 20 and 21: Sample ECL Settings
Page 22 and 23: Centralized ECL in Domino Directory
Page 24 and 25: ACL & Security Disable -Default- ac
Page 28 and 29: Know Issue with Reader&Author/Field
Page 30 and 31: UserNames List The user names list
Page 32 and 33: Internal Views ($ServerAccess) Is u
Page 34 and 35: Encryption of Local Databases Encry
Page 36 and 37: Caveats for Encryption Encrypted fi
Page 38 and 39: Web-Security "Anonymous"" matches b
Page 40 and 41: Stored Forms Stored Forms can be us
Page 42 and 43: Client Security Settings
Page 44 and 45: Check Effective access Check access
Page 46 and 47: Domino 6 Directory Assistance Suppo
Page 48 and 49: Full Access Administrators Addition
Page 50 and 51: Disable the Full Access Administrat
Page 52 and 53: New Agent-Restriction Settings Unre
Page 54 and 55: D6 Agent Manager Security Changes I
Page 56 and 57: Notes 6 User Client Access Security
Page 58 and 59: Interesting Articles http://www.ibm

Best Practices Domino Security - Nash!

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?