You might want to consider putting in a separate Notes server and turning
on the Web interface. If you place this machine in a DMZ, then you can
firewall all but port 80 and 433, SSL encrypt the Domino interface, and
replicate designated mail databases to the server. This gives users access
from any system with a browser as opposed to limiting them to systems that
have a Notes client installed with an appropriate Notes ID file. Mobile
users appreciate the enhanced mobility enabled by relying only on a web
browser.
By replicating only designated mail databases to the server you lessen the
exposure (and risk). If you open up access to your main mail server, a
successful intrusion grabs your entire mail system.
--------------------------------------------
Andrew Walls, IT Security Analyst, BankWest
40 Frame Ct., Leederville, WA, 6007, Australia
61-8-9449-3787, FAX 61-8-9449-3795 Mobile 0419926368
PGP Fingerprint: E0F7 296E D6D5 6057 1E1D F61B 2602 CB8A
---------------------------------------- Message History
----------------------------------------
From: [EMAIL PROTECTED] on 21/08/99 12:57
To: [EMAIL PROTECTED]
cc: [EMAIL PROTECTED], [EMAIL PROTECTED] (bcc: Andrew
Walls/PRS/SS/BankWest)
Subject: Re: Lotus Notes Server.
>>With one caveat, the user must choose to encrypt their network traffic.
>>This is off by default. You have to do a File--> Tools--> User
>>Preferences--> Ports--> Encrypt Network Data. This has to be done on
>>each remote workstation.
If the server is set to encrypt network traffic for the protocol the user
connects with, the client will be forced to encrypt as well -- it's not
necessary to change all the clients.
David S. Stahl
President, CTCS/Dalsom Inc.
[EMAIL PROTECTED]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
_______________________________________________________________________________
Unencrypted electronic mail is not secure and may not be authentic.
If you have any doubts as to the contents please telephone to confirm.
This electronic transmission is intended only for those to whom it is
addressed. It may contain information that is confidential, privileged
or exempt from disclosure by law. Any claim to privilege is not waived
or lost by reason of mistaken transmission of this information.
If you are not the intended recipient you must not distribute or copy this
transmission and should please notify the sender. Your costs for doing
this will be reimbursed by the sender.
_______________________________________________________________________________
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
