
Here's an idea for a forum that doesn't seem to exist anywhere so far. The only topic would be Extreme Security.
I am currently involved in a project with some pretty interesting security requirements. The office discussions about some of these issues are extremely interesting and I think that a forum to talk only about implementing extremely secure Domino environments could be quite interesting also. It's probably so interesting because it involves not just the technical questions of how to get mail from here to there. There's a bit of psychology, some philosophy and a lot of politics also.
Some topics that could get a forum like that started: ...
Everybody knows you have to trust your Admin team. But what if you would prefer to work under the motto of "We don't trust anyone"? The current project doesn't go quite that far, but it's a fun mind game: how would you implement Notes and Domino in an environment where you don't [want to] trust anyone?
Assume you want no single administrator to have access to both the password and the ID file for any ID file other than her own. Sounds good, but implementation and 'living it' can be tricky.
Sure, from a security point of view, having passwords on Domino server IDs makes a lot of sense. In real life however, passwords on server IDs are a major hassle and cause trouble after a crash or power failure. What's the best solution?
We are all aware that the only two things between an administrator's eyes and your sensitive information are ... ethics and encryption (and that only if all those user IDs are secure). We also know that encrypted stuff can't be scanned for nasty payloads, active content, and other bad stuff. You certainly want sensitive stuff encrypted, but you also want to keep bad stuff from causing problems. Sure, you can have scanning software on the client PCs, but what if 2 or 3 out of a couple of thousand don't get updated and cause a major mess? How do you attempt to solve both problems?
Of course, not just Domino administrators have access to the server room; there are other systems admins, the networking guys and a few others. You feel it's enough to have to trust your Notes admins; you really don't want to have to trust all those other folks when it comes to everything you have inside Domino. Make sure to watch out for the networking guys! Hide Domino servers from your users behind their own firewall that pretty much only opens 1352, enable port encryption on everything, keep all the server cabinets locked up like Fort Knox. Only give OS passwords to the Notes admins. What else would you do?
So, if there is any interest in a crazy-whacko security forum like that, I'll set one up here.