SlideShare a Scribd company logo

Bewährte Praktiken für HCL Notes/Domino-Sicherheit Teil 1: Der Notes-Client

panagenda
panagenda

This document summarizes a presentation on best practices for securing HCL Notes/Domino. It discusses securing client-server communication through encryption settings, safeguarding data in local replicas with encryption and access controls, protecting the client from untrusted code using execution control lists, staying up-to-date with security updates, and using authentication security practices like password policies and single sign-on. Commercial services from panagenda can help organizations implement these security configurations and topics.

Software
1 of 19
Download to read offline
Make Your Data Work For You Best Practices for HCL Notes/Domino Security Part 1: The Notes Client 16th March 2021
Daniel Klas @panagenda Inbound Marketing Coordinator panagenda Marc Thomas @IAM_Mthomas Senior Consultant panagenda Speakers Join the conversation using #NotesDominoSecurity & @panagenda
Agenda 1. Introduction 2. Secure client-server communication over any port (with and without SafeLinx) 3. Safeguarding data in local replicas/databases 4. Protecting the client environment from running untrusted code 5. Staying current with security updates 6. Authentication security
1. Introduction – Available clients • Available clients – HCL Notes – Basic configuration – HCL Notes – Standard (incl. Eclipse) – HCL Notes – Standard (incl. Eclipse + Admin and/or Designer client) – HCL Client Application Access – aka HCAA – HCL Nomad – mobile app for Android – HCL Nomad – mobile app for iOS/iPadOS – HCL Nomad Web (beta) – via Browser – HCL Verse – via Browser
2. Secure client-server communication – Client • NRPC port settings – NRPC = Notes remote procedure call – Port 1352 – Legacy • LAN0 / COM(.*) / DisabledPorts → Should be removed – Port settings in notes.ini • Ports=TCPIP • TCPIP = TCP,0,15,0,,45056, → with encryption only • TCPIP = TCP,0,15,0,,45088, → with encryption & compression • TCPIP = TCP,0,15,0,,12288, → DEFAULT - without encryption & compression
2. Secure client-server communication – Server • Legacy/Default port encryption for Notes/Domino – RC4 128Bit (Rivest Cipher 4) • Best practice settings for port encryption on Domino server >= 9.0.1 Fix Pack 7 – AES-GCM 128Bit (Advanced Encryption Standard) – notes.ini → PORT_ENC_ADV=84 • See the following Technote for details and read before you use the parameter: – https://help.hcltechsw.com/domino/11.0.1/admin/conf_port_enc_adv_r.html
2. Secure client-server communication – mobile app • HCL Nomad mobile app – Classic → NRPC (direct using VPN/Passthrough) – New → SSL Tunneling (port 443) using Nomad Proxy aka HCL SafeLinx
3. Safeguarding data in local replicas/databases • Local replicas of (Domino) server databases – One of the most powerful features of Notes/Domino is “Replication” – Almost every customer has local replicas on some or on all Notes clients (managed and/or unmanaged) – Local replicas in general should always be encrypted – Use “Strong Encryption” or even better “128 bit AES”
3. Safeguarding data in local replicas/databases (cont.) • Access Control List (ACL) of local replicas – Use the option “Enforce a consistent Access Control List” in the ACL’s of your server Application Databases to ensure ACL is identical on all replicas (incl. local).
4. Protecting the client environment from running untrusted code • Execution Control List (ECL) – The ECL takes care that code only gets executed if the “code signer” is trusted – Either a user or admins can put “signers/users” on the ECL – Using an Administration-ECL or manage the ECL (incl. lock down) is highly recommended and also ensures that a user cannot add users/Signers to the list • If a user then gets an “Execution Security Alert” → it is a security alert!
5. Staying current with security updates • Do you remember our first slide? • Available clients – HCL Notes – Basic configuration – HCL Notes – Standard (incl. Eclipse) – HCL Notes – Standard (incl. Eclipse + Admin and/or Designer client) – HCL Client Application Access – aka HCAA – HCL Nomad – mobile app for Android – HCL Nomad – mobile app for iOS/iPadOS – HCL Nomad Web (beta) – via Browser – HCL Verse – via Browser
5. Staying current with security updates (cont.) • Do you remember our first slide? • Available clients and latest releases – HCL Notes 11.0.1 FP2 SHF46 – Basic configuration – HCL Notes 11.0.1 FP2 SHF46 – Standard (incl. Eclipse) – HCL Notes 11.0.1 FP2 SHF46 – Standard (incl. Eclipse + Admin and/or Designer client) – HCL Client Application Access 3.0.3 – aka HCAA – HCL Nomad 1.0.15 20210219-1541 – mobile app for Android – HCL Nomad 1.0.11– mobile app for iOS/iPadOS – HCL Nomad Web (beta) – via Browser – HCL Verse 2.0.1 – via Browser
5. Staying current with security updates (cont.) • More security options – The newer the version, the more modern and better the security options and features • Vulnerability – The older the version, the higher the risk of being vulnerable – Check out this link (sorted in ascending order by date): https://support.hcltechsw.com/csm?id=kb_search&spa=1&language=en&u_document_type=Security%20B ulletin&kb_category=1ec026dc1b45730083cb86e9cd4bcb24
6. Authentication security • The following may sound silly, but – PLEASE use ID files protected with passwords – Use a Security-Policy to force password • expiration after xx days • complexity • Single Sign-On (SSO) may help here – Comfort combined with security – Notes Shared Login (NSL) • https://help.hcltechsw.com/domino/11.0.1/admin/conf_usingnotessharedlogintosuppresspasswordpr ompts_c.html – Notes Federated Login (NFL) • https://help.hcltechsw.com/domino/11.0.1/admin/secu_using_security_assertion_markup_language_saml _to_configure_federated_identity_authentication_t.html?hl=federated%2Clogin
- Commercial break - All the 6 topics and more can be easily covered/solved/managed by
Daniel Klas @panagenda Inbound Marketing Coordinator panagenda Marc Thomas @IAM_Mthomas Senior Consultant panagenda Q & A Join the conversation using #NotesDominoSecurity & @panagenda
Daniel Klas @panagenda Inbound Marketing Coordinator panagenda Marc Thomas @IAM_Mthomas Senior Consultant panagenda Thank you! Join the conversation using #NotesDominoSecurity & @panagenda
Daniel Klas @panagenda Inbound Marketing Coordinator panagenda Marc Thomas @IAM_Mthomas Senior Consultant panagenda Thank you! Join the conversation using #NotesDominoSecurity & @panagenda

Recommended

HCL Domino V12 - TOTP
HCL Domino V12 - TOTPHCL Domino V12 - TOTP
HCL Domino V12 - TOTP
Ales Lichtenberg
 
New! getting domino current is easier than you think v5
New! getting domino current is easier than you think v5New! getting domino current is easier than you think v5
New! getting domino current is easier than you think v5
Andy Porter
 
HCL Sametime Update (deutsch)
HCL Sametime Update (deutsch)HCL Sametime Update (deutsch)
HCL Sametime Update (deutsch)
eschwalb
 
Bewährte Praktiken für HCL Notes/Domino-Sicherheit. Teil 2: Der Domino-Server
Bewährte Praktiken für HCL Notes/Domino-Sicherheit. Teil 2: Der Domino-ServerBewährte Praktiken für HCL Notes/Domino-Sicherheit. Teil 2: Der Domino-Server
Bewährte Praktiken für HCL Notes/Domino-Sicherheit. Teil 2: Der Domino-Server
panagenda
 
Unboxing HCL Notes/Domino v12!
Unboxing HCL Notes/Domino v12!Unboxing HCL Notes/Domino v12!
Unboxing HCL Notes/Domino v12!
panagenda
 
MES102 - Verse on Premises 2.0 Best Practices
MES102 - Verse on Premises 2.0 Best PracticesMES102 - Verse on Premises 2.0 Best Practices
MES102 - Verse on Premises 2.0 Best Practices
Dylan Redfield
 
HCL Sametime 11.5 Meetings - A look behind the curtain
HCL Sametime 11.5 Meetings - A look behind the curtainHCL Sametime 11.5 Meetings - A look behind the curtain
HCL Sametime 11.5 Meetings - A look behind the curtain
eschwalb
 
Domino V10 and How to Get There - IBM Think 2019
Domino V10 and How to Get There - IBM Think 2019Domino V10 and How to Get There - IBM Think 2019
Domino V10 and How to Get There - IBM Think 2019
Dylan Redfield
 

Recommended

HCL Domino V12 - TOTP
HCL Domino V12 - TOTPHCL Domino V12 - TOTP
HCL Domino V12 - TOTP
Ales Lichtenberg
 
New! getting domino current is easier than you think v5
New! getting domino current is easier than you think v5New! getting domino current is easier than you think v5
New! getting domino current is easier than you think v5
Andy Porter
 
HCL Sametime Update (deutsch)
HCL Sametime Update (deutsch)HCL Sametime Update (deutsch)
HCL Sametime Update (deutsch)
eschwalb
 
Bewährte Praktiken für HCL Notes/Domino-Sicherheit. Teil 2: Der Domino-Server
Bewährte Praktiken für HCL Notes/Domino-Sicherheit. Teil 2: Der Domino-ServerBewährte Praktiken für HCL Notes/Domino-Sicherheit. Teil 2: Der Domino-Server
Bewährte Praktiken für HCL Notes/Domino-Sicherheit. Teil 2: Der Domino-Server
panagenda
 
Unboxing HCL Notes/Domino v12!
Unboxing HCL Notes/Domino v12!Unboxing HCL Notes/Domino v12!
Unboxing HCL Notes/Domino v12!
panagenda
 
MES102 - Verse on Premises 2.0 Best Practices
MES102 - Verse on Premises 2.0 Best PracticesMES102 - Verse on Premises 2.0 Best Practices
MES102 - Verse on Premises 2.0 Best Practices
Dylan Redfield
 
HCL Sametime 11.5 Meetings - A look behind the curtain
HCL Sametime 11.5 Meetings - A look behind the curtainHCL Sametime 11.5 Meetings - A look behind the curtain
HCL Sametime 11.5 Meetings - A look behind the curtain
eschwalb
 
Domino V10 and How to Get There - IBM Think 2019
Domino V10 and How to Get There - IBM Think 2019Domino V10 and How to Get There - IBM Think 2019
Domino V10 and How to Get There - IBM Think 2019
Dylan Redfield
 
HCL Sametime Meetings server upgrade to V11.6
HCL Sametime Meetings server upgrade to V11.6HCL Sametime Meetings server upgrade to V11.6
HCL Sametime Meetings server upgrade to V11.6
Ales Lichtenberg
 
HCL Sametime V11 - ENG
HCL Sametime V11 - ENGHCL Sametime V11 - ENG
HCL Sametime V11 - ENG
Ales Lichtenberg
 
HCL Nomad for Admins - ENG
HCL Nomad for Admins - ENGHCL Nomad for Admins - ENG
HCL Nomad for Admins - ENG
Ales Lichtenberg
 
HCL Sametime V11 installation - tips
HCL Sametime V11 installation - tipsHCL Sametime V11 installation - tips
HCL Sametime V11 installation - tips
Ales Lichtenberg
 
HCL Domino and Notes v12 are coming!
HCL Domino and Notes v12 are coming!HCL Domino and Notes v12 are coming!
HCL Domino and Notes v12 are coming!
panagenda
 
INF107 - Integrating HCL Domino and Microsoft 365
INF107 - Integrating HCL Domino and Microsoft 365INF107 - Integrating HCL Domino and Microsoft 365
INF107 - Integrating HCL Domino and Microsoft 365
Dylan Redfield
 
HCL Sametime V11 - Step by Step
HCL Sametime V11 - Step by StepHCL Sametime V11 - Step by Step
HCL Sametime V11 - Step by Step
Ales Lichtenberg
 
HCL Sametime Meetings on Docker - SUTOL Cafe 2/2021
HCL Sametime Meetings on Docker - SUTOL Cafe 2/2021HCL Sametime Meetings on Docker - SUTOL Cafe 2/2021
HCL Sametime Meetings on Docker - SUTOL Cafe 2/2021
Ales Lichtenberg
 
HCL Sametime V11 - Step by Step v1.1 (include FP2)
HCL Sametime V11 - Step by Step v1.1 (include FP2)HCL Sametime V11 - Step by Step v1.1 (include FP2)
HCL Sametime V11 - Step by Step v1.1 (include FP2)
Ales Lichtenberg
 
HCL Sametime Meetings 11.5 Step-by-Step
HCL Sametime Meetings 11.5 Step-by-StepHCL Sametime Meetings 11.5 Step-by-Step
HCL Sametime Meetings 11.5 Step-by-Step
Ales Lichtenberg
 
Upgrade HCL Sametime server 11.0 to 11.5
Upgrade HCL Sametime server 11.0 to 11.5Upgrade HCL Sametime server 11.0 to 11.5
Upgrade HCL Sametime server 11.0 to 11.5
Ales Lichtenberg
 
Yes, It's Number One it's TOTP!
Yes, It's Number One it's TOTP!Yes, It's Number One it's TOTP!
Yes, It's Number One it's TOTP!
Keith Brooks
 
HCL Sametime Meetings 11.5 Setup Live Stream
HCL Sametime Meetings 11.5 Setup Live StreamHCL Sametime Meetings 11.5 Setup Live Stream
HCL Sametime Meetings 11.5 Setup Live Stream
Ales Lichtenberg
 
RNUG - HCL Notes 11.0.1 FP2 — Performance Boost Re-Reloaded
RNUG - HCL Notes 11.0.1 FP2 — Performance Boost Re-ReloadedRNUG - HCL Notes 11.0.1 FP2 — Performance Boost Re-Reloaded
RNUG - HCL Notes 11.0.1 FP2 — Performance Boost Re-Reloaded
Christoph Adler
 
HCL Sametime Meetings 11.5 Pre-Release - Step-by-Step
HCL Sametime Meetings 11.5 Pre-Release - Step-by-StepHCL Sametime Meetings 11.5 Pre-Release - Step-by-Step
HCL Sametime Meetings 11.5 Pre-Release - Step-by-Step
Ales Lichtenberg
 
Ugprade HCL Sametime V11.5 to V11.6 - Step by Step
Ugprade HCL Sametime V11.5 to V11.6 - Step by StepUgprade HCL Sametime V11.5 to V11.6 - Step by Step
Ugprade HCL Sametime V11.5 to V11.6 - Step by Step
Ales Lichtenberg
 
What's New in Notes, Sametime and Verse On-Premises
What's New in Notes, Sametime and Verse On-PremisesWhat's New in Notes, Sametime and Verse On-Premises
What's New in Notes, Sametime and Verse On-Premises
Gabriella Davis
 
Hidden gems in cf2016
Hidden gems in cf2016Hidden gems in cf2016
Hidden gems in cf2016
ColdFusionConference
 
Debugging the Web with Fiddler
Debugging the Web with FiddlerDebugging the Web with Fiddler
Debugging the Web with Fiddler
Ido Flatow
 
Best And Worst Practices Deploying IBM Connections
Best And Worst Practices Deploying IBM ConnectionsBest And Worst Practices Deploying IBM Connections
Best And Worst Practices Deploying IBM Connections
LetsConnect
 
CoreOS and cloud provider integration: simple cloud-init example at Exoscale
CoreOS and cloud provider integration: simple cloud-init example at ExoscaleCoreOS and cloud provider integration: simple cloud-init example at Exoscale
CoreOS and cloud provider integration: simple cloud-init example at Exoscale
Antoine COETSIER
 
Bring the Modern and Seamless User Experience You Deserve to HCL Nomad
Bring the Modern and Seamless User Experience You Deserve to HCL NomadBring the Modern and Seamless User Experience You Deserve to HCL Nomad
Bring the Modern and Seamless User Experience You Deserve to HCL Nomad
panagenda
 

More Related Content

What's hot

HCL Sametime Meetings server upgrade to V11.6
HCL Sametime Meetings server upgrade to V11.6HCL Sametime Meetings server upgrade to V11.6
HCL Sametime Meetings server upgrade to V11.6
Ales Lichtenberg
 
HCL Sametime V11 - ENG
HCL Sametime V11 - ENGHCL Sametime V11 - ENG
HCL Sametime V11 - ENG
Ales Lichtenberg
 
HCL Nomad for Admins - ENG
HCL Nomad for Admins - ENGHCL Nomad for Admins - ENG
HCL Nomad for Admins - ENG
Ales Lichtenberg
 
HCL Sametime V11 installation - tips
HCL Sametime V11 installation - tipsHCL Sametime V11 installation - tips
HCL Sametime V11 installation - tips
Ales Lichtenberg
 
HCL Domino and Notes v12 are coming!
HCL Domino and Notes v12 are coming!HCL Domino and Notes v12 are coming!
HCL Domino and Notes v12 are coming!
panagenda
 
INF107 - Integrating HCL Domino and Microsoft 365
INF107 - Integrating HCL Domino and Microsoft 365INF107 - Integrating HCL Domino and Microsoft 365
INF107 - Integrating HCL Domino and Microsoft 365
Dylan Redfield
 
HCL Sametime V11 - Step by Step
HCL Sametime V11 - Step by StepHCL Sametime V11 - Step by Step
HCL Sametime V11 - Step by Step
Ales Lichtenberg
 
HCL Sametime Meetings on Docker - SUTOL Cafe 2/2021
HCL Sametime Meetings on Docker - SUTOL Cafe 2/2021HCL Sametime Meetings on Docker - SUTOL Cafe 2/2021
HCL Sametime Meetings on Docker - SUTOL Cafe 2/2021
Ales Lichtenberg
 
HCL Sametime V11 - Step by Step v1.1 (include FP2)
HCL Sametime V11 - Step by Step v1.1 (include FP2)HCL Sametime V11 - Step by Step v1.1 (include FP2)
HCL Sametime V11 - Step by Step v1.1 (include FP2)
Ales Lichtenberg
 
HCL Sametime Meetings 11.5 Step-by-Step
HCL Sametime Meetings 11.5 Step-by-StepHCL Sametime Meetings 11.5 Step-by-Step
HCL Sametime Meetings 11.5 Step-by-Step
Ales Lichtenberg
 
Upgrade HCL Sametime server 11.0 to 11.5
Upgrade HCL Sametime server 11.0 to 11.5Upgrade HCL Sametime server 11.0 to 11.5
Upgrade HCL Sametime server 11.0 to 11.5
Ales Lichtenberg
 
Yes, It's Number One it's TOTP!
Yes, It's Number One it's TOTP!Yes, It's Number One it's TOTP!
Yes, It's Number One it's TOTP!
Keith Brooks
 
HCL Sametime Meetings 11.5 Setup Live Stream
HCL Sametime Meetings 11.5 Setup Live StreamHCL Sametime Meetings 11.5 Setup Live Stream
HCL Sametime Meetings 11.5 Setup Live Stream
Ales Lichtenberg
 
RNUG - HCL Notes 11.0.1 FP2 — Performance Boost Re-Reloaded
RNUG - HCL Notes 11.0.1 FP2 — Performance Boost Re-ReloadedRNUG - HCL Notes 11.0.1 FP2 — Performance Boost Re-Reloaded
RNUG - HCL Notes 11.0.1 FP2 — Performance Boost Re-Reloaded
Christoph Adler
 
HCL Sametime Meetings 11.5 Pre-Release - Step-by-Step
HCL Sametime Meetings 11.5 Pre-Release - Step-by-StepHCL Sametime Meetings 11.5 Pre-Release - Step-by-Step
HCL Sametime Meetings 11.5 Pre-Release - Step-by-Step
Ales Lichtenberg
 
Ugprade HCL Sametime V11.5 to V11.6 - Step by Step
Ugprade HCL Sametime V11.5 to V11.6 - Step by StepUgprade HCL Sametime V11.5 to V11.6 - Step by Step
Ugprade HCL Sametime V11.5 to V11.6 - Step by Step
Ales Lichtenberg
 
What's New in Notes, Sametime and Verse On-Premises
What's New in Notes, Sametime and Verse On-PremisesWhat's New in Notes, Sametime and Verse On-Premises
What's New in Notes, Sametime and Verse On-Premises
Gabriella Davis
 
Hidden gems in cf2016
Hidden gems in cf2016Hidden gems in cf2016
Hidden gems in cf2016
ColdFusionConference
 
Debugging the Web with Fiddler
Debugging the Web with FiddlerDebugging the Web with Fiddler
Debugging the Web with Fiddler
Ido Flatow
 
Best And Worst Practices Deploying IBM Connections
Best And Worst Practices Deploying IBM ConnectionsBest And Worst Practices Deploying IBM Connections
Best And Worst Practices Deploying IBM Connections
LetsConnect
 

What's hot (20)

HCL Sametime Meetings server upgrade to V11.6
HCL Sametime Meetings server upgrade to V11.6HCL Sametime Meetings server upgrade to V11.6
HCL Sametime Meetings server upgrade to V11.6
 
HCL Sametime V11 - ENG
HCL Sametime V11 - ENGHCL Sametime V11 - ENG
HCL Sametime V11 - ENG
 
HCL Nomad for Admins - ENG
HCL Nomad for Admins - ENGHCL Nomad for Admins - ENG
HCL Nomad for Admins - ENG
 
HCL Sametime V11 installation - tips
HCL Sametime V11 installation - tipsHCL Sametime V11 installation - tips
HCL Sametime V11 installation - tips
 
HCL Domino and Notes v12 are coming!
HCL Domino and Notes v12 are coming!HCL Domino and Notes v12 are coming!
HCL Domino and Notes v12 are coming!
 
INF107 - Integrating HCL Domino and Microsoft 365
INF107 - Integrating HCL Domino and Microsoft 365INF107 - Integrating HCL Domino and Microsoft 365
INF107 - Integrating HCL Domino and Microsoft 365
 
HCL Sametime V11 - Step by Step
HCL Sametime V11 - Step by StepHCL Sametime V11 - Step by Step
HCL Sametime V11 - Step by Step
 
HCL Sametime Meetings on Docker - SUTOL Cafe 2/2021
HCL Sametime Meetings on Docker - SUTOL Cafe 2/2021HCL Sametime Meetings on Docker - SUTOL Cafe 2/2021
HCL Sametime Meetings on Docker - SUTOL Cafe 2/2021
 
HCL Sametime V11 - Step by Step v1.1 (include FP2)
HCL Sametime V11 - Step by Step v1.1 (include FP2)HCL Sametime V11 - Step by Step v1.1 (include FP2)
HCL Sametime V11 - Step by Step v1.1 (include FP2)
 
HCL Sametime Meetings 11.5 Step-by-Step
HCL Sametime Meetings 11.5 Step-by-StepHCL Sametime Meetings 11.5 Step-by-Step
HCL Sametime Meetings 11.5 Step-by-Step
 
Upgrade HCL Sametime server 11.0 to 11.5
Upgrade HCL Sametime server 11.0 to 11.5Upgrade HCL Sametime server 11.0 to 11.5
Upgrade HCL Sametime server 11.0 to 11.5
 
Yes, It's Number One it's TOTP!
Yes, It's Number One it's TOTP!Yes, It's Number One it's TOTP!
Yes, It's Number One it's TOTP!
 
HCL Sametime Meetings 11.5 Setup Live Stream
HCL Sametime Meetings 11.5 Setup Live StreamHCL Sametime Meetings 11.5 Setup Live Stream
HCL Sametime Meetings 11.5 Setup Live Stream
 
RNUG - HCL Notes 11.0.1 FP2 — Performance Boost Re-Reloaded
RNUG - HCL Notes 11.0.1 FP2 — Performance Boost Re-ReloadedRNUG - HCL Notes 11.0.1 FP2 — Performance Boost Re-Reloaded
RNUG - HCL Notes 11.0.1 FP2 — Performance Boost Re-Reloaded
 
HCL Sametime Meetings 11.5 Pre-Release - Step-by-Step
HCL Sametime Meetings 11.5 Pre-Release - Step-by-StepHCL Sametime Meetings 11.5 Pre-Release - Step-by-Step
HCL Sametime Meetings 11.5 Pre-Release - Step-by-Step
 
Ugprade HCL Sametime V11.5 to V11.6 - Step by Step
Ugprade HCL Sametime V11.5 to V11.6 - Step by StepUgprade HCL Sametime V11.5 to V11.6 - Step by Step
Ugprade HCL Sametime V11.5 to V11.6 - Step by Step
 
What's New in Notes, Sametime and Verse On-Premises
What's New in Notes, Sametime and Verse On-PremisesWhat's New in Notes, Sametime and Verse On-Premises
What's New in Notes, Sametime and Verse On-Premises
 
Hidden gems in cf2016
Hidden gems in cf2016Hidden gems in cf2016
Hidden gems in cf2016
 
Debugging the Web with Fiddler
Debugging the Web with FiddlerDebugging the Web with Fiddler
Debugging the Web with Fiddler
 
Best And Worst Practices Deploying IBM Connections
Best And Worst Practices Deploying IBM ConnectionsBest And Worst Practices Deploying IBM Connections
Best And Worst Practices Deploying IBM Connections
 

Similar to Bewährte Praktiken für HCL Notes/Domino-Sicherheit Teil 1: Der Notes-Client

CoreOS and cloud provider integration: simple cloud-init example at Exoscale
CoreOS and cloud provider integration: simple cloud-init example at ExoscaleCoreOS and cloud provider integration: simple cloud-init example at Exoscale
CoreOS and cloud provider integration: simple cloud-init example at Exoscale
Antoine COETSIER
 
Bring the Modern and Seamless User Experience You Deserve to HCL Nomad
Bring the Modern and Seamless User Experience You Deserve to HCL NomadBring the Modern and Seamless User Experience You Deserve to HCL Nomad
Bring the Modern and Seamless User Experience You Deserve to HCL Nomad
panagenda
 
Wie man HCL Nomad eine moderne User Experience verschafft
Wie man HCL Nomad eine moderne User Experience verschafftWie man HCL Nomad eine moderne User Experience verschafft
Wie man HCL Nomad eine moderne User Experience verschafft
panagenda
 
Die ultimative Anleitung für HCL Nomad Web Administratoren
Die ultimative Anleitung für HCL Nomad Web AdministratorenDie ultimative Anleitung für HCL Nomad Web Administratoren
Die ultimative Anleitung für HCL Nomad Web Administratoren
panagenda
 
Globus: Beyond File Transfer
Globus: Beyond File TransferGlobus: Beyond File Transfer
Globus: Beyond File Transfer
Globus
 
HCL Nomad Web 101: Skip the Mistakes and Get on the Fast Track
HCL Nomad Web 101: Skip the Mistakes and Get on the Fast TrackHCL Nomad Web 101: Skip the Mistakes and Get on the Fast Track
HCL Nomad Web 101: Skip the Mistakes and Get on the Fast Track
panagenda
 
Andriod - Technical Review
Andriod - Technical ReviewAndriod - Technical Review
Andriod - Technical Review
Folio3 Software
 
CollabSphere 2020 Live - Virtual, Faster, Better! How to deploy HCL Notes 11....
CollabSphere 2020 Live - Virtual, Faster, Better! How to deploy HCL Notes 11....CollabSphere 2020 Live - Virtual, Faster, Better! How to deploy HCL Notes 11....
CollabSphere 2020 Live - Virtual, Faster, Better! How to deploy HCL Notes 11....
Christoph Adler
 
CollabSphere 2020: INF111 - Virtual, Faster, Better! How to deploy HCL Notes ...
CollabSphere 2020: INF111 - Virtual, Faster, Better! How to deploy HCL Notes ...CollabSphere 2020: INF111 - Virtual, Faster, Better! How to deploy HCL Notes ...
CollabSphere 2020: INF111 - Virtual, Faster, Better! How to deploy HCL Notes ...
panagenda
 
IBM Spectrum Scale Security
IBM Spectrum Scale Security IBM Spectrum Scale Security
IBM Spectrum Scale Security
Sandeep Patil
 
Social Connections 13 - Troubleshooting Connections Pink
Social Connections 13 - Troubleshooting Connections PinkSocial Connections 13 - Troubleshooting Connections Pink
Social Connections 13 - Troubleshooting Connections Pink
Nico Meisenzahl
 
DevOPS training - Day 1/2
DevOPS training - Day 1/2DevOPS training - Day 1/2
DevOPS training - Day 1/2
Vincent Mercier
 
Containers and workload security an overview
Containers and workload security an overview Containers and workload security an overview
Containers and workload security an overview
Krishna-Kumar
 
CNIT 123: 8: Desktop and Server OS Vulnerabilites
CNIT 123: 8: Desktop and Server OS VulnerabilitesCNIT 123: 8: Desktop and Server OS Vulnerabilites
CNIT 123: 8: Desktop and Server OS Vulnerabilites
Sam Bowne
 
Confidential compute with hyperledger fabric .v17
Confidential compute with hyperledger fabric .v17Confidential compute with hyperledger fabric .v17
Confidential compute with hyperledger fabric .v17
LennartF
 
Ch 8: Desktop and Server OS Vulnerabilites
Ch 8: Desktop and Server OS VulnerabilitesCh 8: Desktop and Server OS Vulnerabilites
Ch 8: Desktop and Server OS Vulnerabilites
Sam Bowne
 
Docker Security Overview
Docker Security OverviewDocker Security Overview
Docker Security Overview
Sreenivas Makam
 
Tutorial: What's New with Globus
Tutorial: What's New with GlobusTutorial: What's New with Globus
Tutorial: What's New with Globus
Globus
 
Introducing bastion hosts for oracle cloud infrastructure v1.0
Introducing bastion hosts for oracle cloud infrastructure v1.0Introducing bastion hosts for oracle cloud infrastructure v1.0
Introducing bastion hosts for oracle cloud infrastructure v1.0
maaz khan
 
Splunk Discovery: Warsaw 2018 - Getting Data In
Splunk Discovery: Warsaw 2018 - Getting Data InSplunk Discovery: Warsaw 2018 - Getting Data In
Splunk Discovery: Warsaw 2018 - Getting Data In
Splunk
 

Similar to Bewährte Praktiken für HCL Notes/Domino-Sicherheit Teil 1: Der Notes-Client (20)

CoreOS and cloud provider integration: simple cloud-init example at Exoscale
CoreOS and cloud provider integration: simple cloud-init example at ExoscaleCoreOS and cloud provider integration: simple cloud-init example at Exoscale
CoreOS and cloud provider integration: simple cloud-init example at Exoscale
 
Bring the Modern and Seamless User Experience You Deserve to HCL Nomad
Bring the Modern and Seamless User Experience You Deserve to HCL NomadBring the Modern and Seamless User Experience You Deserve to HCL Nomad
Bring the Modern and Seamless User Experience You Deserve to HCL Nomad
 
Wie man HCL Nomad eine moderne User Experience verschafft
Wie man HCL Nomad eine moderne User Experience verschafftWie man HCL Nomad eine moderne User Experience verschafft
Wie man HCL Nomad eine moderne User Experience verschafft
 
Die ultimative Anleitung für HCL Nomad Web Administratoren
Die ultimative Anleitung für HCL Nomad Web AdministratorenDie ultimative Anleitung für HCL Nomad Web Administratoren
Die ultimative Anleitung für HCL Nomad Web Administratoren
 
Globus: Beyond File Transfer
Globus: Beyond File TransferGlobus: Beyond File Transfer
Globus: Beyond File Transfer
 
HCL Nomad Web 101: Skip the Mistakes and Get on the Fast Track
HCL Nomad Web 101: Skip the Mistakes and Get on the Fast TrackHCL Nomad Web 101: Skip the Mistakes and Get on the Fast Track
HCL Nomad Web 101: Skip the Mistakes and Get on the Fast Track
 
Andriod - Technical Review
Andriod - Technical ReviewAndriod - Technical Review
Andriod - Technical Review
 
CollabSphere 2020 Live - Virtual, Faster, Better! How to deploy HCL Notes 11....
CollabSphere 2020 Live - Virtual, Faster, Better! How to deploy HCL Notes 11....CollabSphere 2020 Live - Virtual, Faster, Better! How to deploy HCL Notes 11....
CollabSphere 2020 Live - Virtual, Faster, Better! How to deploy HCL Notes 11....
 
CollabSphere 2020: INF111 - Virtual, Faster, Better! How to deploy HCL Notes ...
CollabSphere 2020: INF111 - Virtual, Faster, Better! How to deploy HCL Notes ...CollabSphere 2020: INF111 - Virtual, Faster, Better! How to deploy HCL Notes ...
CollabSphere 2020: INF111 - Virtual, Faster, Better! How to deploy HCL Notes ...
 
IBM Spectrum Scale Security
IBM Spectrum Scale Security IBM Spectrum Scale Security
IBM Spectrum Scale Security
 
Social Connections 13 - Troubleshooting Connections Pink
Social Connections 13 - Troubleshooting Connections PinkSocial Connections 13 - Troubleshooting Connections Pink
Social Connections 13 - Troubleshooting Connections Pink
 
DevOPS training - Day 1/2
DevOPS training - Day 1/2DevOPS training - Day 1/2
DevOPS training - Day 1/2
 
Containers and workload security an overview
Containers and workload security an overview Containers and workload security an overview
Containers and workload security an overview
 
CNIT 123: 8: Desktop and Server OS Vulnerabilites
CNIT 123: 8: Desktop and Server OS VulnerabilitesCNIT 123: 8: Desktop and Server OS Vulnerabilites
CNIT 123: 8: Desktop and Server OS Vulnerabilites
 
Confidential compute with hyperledger fabric .v17
Confidential compute with hyperledger fabric .v17Confidential compute with hyperledger fabric .v17
Confidential compute with hyperledger fabric .v17
 
Ch 8: Desktop and Server OS Vulnerabilites
Ch 8: Desktop and Server OS VulnerabilitesCh 8: Desktop and Server OS Vulnerabilites
Ch 8: Desktop and Server OS Vulnerabilites
 
Docker Security Overview
Docker Security OverviewDocker Security Overview
Docker Security Overview
 
Tutorial: What's New with Globus
Tutorial: What's New with GlobusTutorial: What's New with Globus
Tutorial: What's New with Globus
 
Introducing bastion hosts for oracle cloud infrastructure v1.0
Introducing bastion hosts for oracle cloud infrastructure v1.0Introducing bastion hosts for oracle cloud infrastructure v1.0
Introducing bastion hosts for oracle cloud infrastructure v1.0
 
Splunk Discovery: Warsaw 2018 - Getting Data In
Splunk Discovery: Warsaw 2018 - Getting Data InSplunk Discovery: Warsaw 2018 - Getting Data In
Splunk Discovery: Warsaw 2018 - Getting Data In
 

More from panagenda

Easier, Faster, and More Powerful – Notes Document Properties Reimagined
Easier, Faster, and More Powerful – Notes Document Properties ReimaginedEasier, Faster, and More Powerful – Notes Document Properties Reimagined
Easier, Faster, and More Powerful – Notes Document Properties Reimagined
panagenda
 
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
panagenda
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
De05_panagenda_Prepare-Applications-for-64-bit-Clients.pdf
De05_panagenda_Prepare-Applications-for-64-bit-Clients.pdfDe05_panagenda_Prepare-Applications-for-64-bit-Clients.pdf
De05_panagenda_Prepare-Applications-for-64-bit-Clients.pdf
panagenda
 
Co01_panagenda_NotesDomino-Licensing-Understand-and-Optimize-DLAU-results-wit...
Co01_panagenda_NotesDomino-Licensing-Understand-and-Optimize-DLAU-results-wit...Co01_panagenda_NotesDomino-Licensing-Understand-and-Optimize-DLAU-results-wit...
Co01_panagenda_NotesDomino-Licensing-Understand-and-Optimize-DLAU-results-wit...
panagenda
 
Ad01_Navigating-HCL-Notes-14-Upgrades_A-Comprehensive-Guide-for-Conquering-Ch...
Ad01_Navigating-HCL-Notes-14-Upgrades_A-Comprehensive-Guide-for-Conquering-Ch...Ad01_Navigating-HCL-Notes-14-Upgrades_A-Comprehensive-Guide-for-Conquering-Ch...
Ad01_Navigating-HCL-Notes-14-Upgrades_A-Comprehensive-Guide-for-Conquering-Ch...
panagenda
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
panagenda
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
panagenda
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
panagenda
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
panagenda
 
Why you need monitoring to keep your Microsoft 365 journey successful
Why you need monitoring to keep your Microsoft 365 journey successfulWhy you need monitoring to keep your Microsoft 365 journey successful
Why you need monitoring to keep your Microsoft 365 journey successful
panagenda
 
Developer Special: How to Prepare Applications for Notes 64-bit Clients
Developer Special: How to Prepare Applications for Notes 64-bit ClientsDeveloper Special: How to Prepare Applications for Notes 64-bit Clients
Developer Special: How to Prepare Applications for Notes 64-bit Clients
panagenda
 
Everything You Need to Know About HCL Notes 14
Everything You Need to Know About HCL Notes 14Everything You Need to Know About HCL Notes 14
Everything You Need to Know About HCL Notes 14
panagenda
 
Alles was Sie über HCL Notes 14 wissen müssen
Alles was Sie über HCL Notes 14 wissen müssenAlles was Sie über HCL Notes 14 wissen müssen
Alles was Sie über HCL Notes 14 wissen müssen
panagenda
 
Workshop: HCL Notes 14 Upgrades einfach gemacht – von A bis Z
Workshop: HCL Notes 14 Upgrades einfach gemacht – von A bis ZWorkshop: HCL Notes 14 Upgrades einfach gemacht – von A bis Z
Workshop: HCL Notes 14 Upgrades einfach gemacht – von A bis Z
panagenda
 
How to Perform HCL Notes 14 Upgrades Smoothly
How to Perform HCL Notes 14 Upgrades SmoothlyHow to Perform HCL Notes 14 Upgrades Smoothly
How to Perform HCL Notes 14 Upgrades Smoothly
panagenda
 
The Ultimate Administrator’s Guide to HCL Nomad Web
The Ultimate Administrator’s Guide to HCL Nomad WebThe Ultimate Administrator’s Guide to HCL Nomad Web
The Ultimate Administrator’s Guide to HCL Nomad Web
panagenda
 
Im Praxistest – Microsoft Teams Performance im hybriden Arbeitsalltag
Im Praxistest – Microsoft Teams Performance im hybriden ArbeitsalltagIm Praxistest – Microsoft Teams Performance im hybriden Arbeitsalltag
Im Praxistest – Microsoft Teams Performance im hybriden Arbeitsalltag
panagenda
 
Hybrid Environments and What They Mean for HCL Notes and Nomad
Hybrid Environments and What They Mean for HCL Notes and NomadHybrid Environments and What They Mean for HCL Notes and Nomad
Hybrid Environments and What They Mean for HCL Notes and Nomad
panagenda
 
Hybride Umgebungen und was sie für HCL Notes und Nomad bedeuten
Hybride Umgebungen und was sie für HCL Notes und Nomad bedeutenHybride Umgebungen und was sie für HCL Notes und Nomad bedeuten
Hybride Umgebungen und was sie für HCL Notes und Nomad bedeuten
panagenda
 

More from panagenda (20)

Easier, Faster, and More Powerful – Notes Document Properties Reimagined
Easier, Faster, and More Powerful – Notes Document Properties ReimaginedEasier, Faster, and More Powerful – Notes Document Properties Reimagined
Easier, Faster, and More Powerful – Notes Document Properties Reimagined
 
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
De05_panagenda_Prepare-Applications-for-64-bit-Clients.pdf
De05_panagenda_Prepare-Applications-for-64-bit-Clients.pdfDe05_panagenda_Prepare-Applications-for-64-bit-Clients.pdf
De05_panagenda_Prepare-Applications-for-64-bit-Clients.pdf
 
Co01_panagenda_NotesDomino-Licensing-Understand-and-Optimize-DLAU-results-wit...
Co01_panagenda_NotesDomino-Licensing-Understand-and-Optimize-DLAU-results-wit...Co01_panagenda_NotesDomino-Licensing-Understand-and-Optimize-DLAU-results-wit...
Co01_panagenda_NotesDomino-Licensing-Understand-and-Optimize-DLAU-results-wit...
 
Ad01_Navigating-HCL-Notes-14-Upgrades_A-Comprehensive-Guide-for-Conquering-Ch...
Ad01_Navigating-HCL-Notes-14-Upgrades_A-Comprehensive-Guide-for-Conquering-Ch...Ad01_Navigating-HCL-Notes-14-Upgrades_A-Comprehensive-Guide-for-Conquering-Ch...
Ad01_Navigating-HCL-Notes-14-Upgrades_A-Comprehensive-Guide-for-Conquering-Ch...
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
 
Why you need monitoring to keep your Microsoft 365 journey successful
Why you need monitoring to keep your Microsoft 365 journey successfulWhy you need monitoring to keep your Microsoft 365 journey successful
Why you need monitoring to keep your Microsoft 365 journey successful
 
Developer Special: How to Prepare Applications for Notes 64-bit Clients
Developer Special: How to Prepare Applications for Notes 64-bit ClientsDeveloper Special: How to Prepare Applications for Notes 64-bit Clients
Developer Special: How to Prepare Applications for Notes 64-bit Clients
 
Everything You Need to Know About HCL Notes 14
Everything You Need to Know About HCL Notes 14Everything You Need to Know About HCL Notes 14
Everything You Need to Know About HCL Notes 14
 
Alles was Sie über HCL Notes 14 wissen müssen
Alles was Sie über HCL Notes 14 wissen müssenAlles was Sie über HCL Notes 14 wissen müssen
Alles was Sie über HCL Notes 14 wissen müssen
 
Workshop: HCL Notes 14 Upgrades einfach gemacht – von A bis Z
Workshop: HCL Notes 14 Upgrades einfach gemacht – von A bis ZWorkshop: HCL Notes 14 Upgrades einfach gemacht – von A bis Z
Workshop: HCL Notes 14 Upgrades einfach gemacht – von A bis Z
 
How to Perform HCL Notes 14 Upgrades Smoothly
How to Perform HCL Notes 14 Upgrades SmoothlyHow to Perform HCL Notes 14 Upgrades Smoothly
How to Perform HCL Notes 14 Upgrades Smoothly
 
The Ultimate Administrator’s Guide to HCL Nomad Web
The Ultimate Administrator’s Guide to HCL Nomad WebThe Ultimate Administrator’s Guide to HCL Nomad Web
The Ultimate Administrator’s Guide to HCL Nomad Web
 
Im Praxistest – Microsoft Teams Performance im hybriden Arbeitsalltag
Im Praxistest – Microsoft Teams Performance im hybriden ArbeitsalltagIm Praxistest – Microsoft Teams Performance im hybriden Arbeitsalltag
Im Praxistest – Microsoft Teams Performance im hybriden Arbeitsalltag
 
Hybrid Environments and What They Mean for HCL Notes and Nomad
Hybrid Environments and What They Mean for HCL Notes and NomadHybrid Environments and What They Mean for HCL Notes and Nomad
Hybrid Environments and What They Mean for HCL Notes and Nomad
 
Hybride Umgebungen und was sie für HCL Notes und Nomad bedeuten
Hybride Umgebungen und was sie für HCL Notes und Nomad bedeutenHybride Umgebungen und was sie für HCL Notes und Nomad bedeuten
Hybride Umgebungen und was sie für HCL Notes und Nomad bedeuten
 

Recently uploaded

Cyaniclab : Software Development Agency Portfolio.pdf
Cyaniclab : Software Development Agency Portfolio.pdfCyaniclab : Software Development Agency Portfolio.pdf
Cyaniclab : Software Development Agency Portfolio.pdf
Cyanic lab
 
First Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User EndpointsFirst Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User Endpoints
Globus
 
Quarkus Hidden and Forbidden Extensions
Quarkus Hidden and Forbidden ExtensionsQuarkus Hidden and Forbidden Extensions
Quarkus Hidden and Forbidden Extensions
Max Andersen
 
Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024
Globus
 
Vitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdfVitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke
 
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
AI Pilot Review: The World’s First Virtual Assistant Marketing SuiteAI Pilot Review: The World’s First Virtual Assistant Marketing Suite
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
Google
 
Globus Connect Server Deep Dive - GlobusWorld 2024
Globus Connect Server Deep Dive - GlobusWorld 2024Globus Connect Server Deep Dive - GlobusWorld 2024
Globus Connect Server Deep Dive - GlobusWorld 2024
Globus
 
Lecture 1 Introduction to games development
Lecture 1 Introduction to games developmentLecture 1 Introduction to games development
Lecture 1 Introduction to games development
abdulrafaychaudhry
 
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Globus
 
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...
Shahin Sheidaei
 
Pro Unity Game Development with C-sharp Book
Pro Unity Game Development with C-sharp BookPro Unity Game Development with C-sharp Book
Pro Unity Game Development with C-sharp Book
abdulrafaychaudhry
 
Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus
 
Large Language Models and the End of Programming
Large Language Models and the End of ProgrammingLarge Language Models and the End of Programming
Large Language Models and the End of Programming
Matt Welsh
 
Prosigns: Transforming Business with Tailored Technology Solutions
Prosigns: Transforming Business with Tailored Technology SolutionsProsigns: Transforming Business with Tailored Technology Solutions
Prosigns: Transforming Business with Tailored Technology Solutions
Prosigns
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 
Introduction to Pygame (Lecture 7 Python Game Development)
Introduction to Pygame (Lecture 7 Python Game Development)Introduction to Pygame (Lecture 7 Python Game Development)
Introduction to Pygame (Lecture 7 Python Game Development)
abdulrafaychaudhry
 
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
informapgpstrackings
 
Developing Distributed High-performance Computing Capabilities of an Open Sci...
Developing Distributed High-performance Computing Capabilities of an Open Sci...Developing Distributed High-performance Computing Capabilities of an Open Sci...
Developing Distributed High-performance Computing Capabilities of an Open Sci...
Globus
 
Understanding Globus Data Transfers with NetSage
Understanding Globus Data Transfers with NetSageUnderstanding Globus Data Transfers with NetSage
Understanding Globus Data Transfers with NetSage
Globus
 
Enterprise Resource Planning System in Telangana
Enterprise Resource Planning System in TelanganaEnterprise Resource Planning System in Telangana
Enterprise Resource Planning System in Telangana
NYGGS Automation Suite
 

Recently uploaded (20)

Cyaniclab : Software Development Agency Portfolio.pdf
Cyaniclab : Software Development Agency Portfolio.pdfCyaniclab : Software Development Agency Portfolio.pdf
Cyaniclab : Software Development Agency Portfolio.pdf
 
First Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User EndpointsFirst Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User Endpoints
 
Quarkus Hidden and Forbidden Extensions
Quarkus Hidden and Forbidden ExtensionsQuarkus Hidden and Forbidden Extensions
Quarkus Hidden and Forbidden Extensions
 
Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024
 
Vitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdfVitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdf
 
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
AI Pilot Review: The World’s First Virtual Assistant Marketing SuiteAI Pilot Review: The World’s First Virtual Assistant Marketing Suite
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
 
Globus Connect Server Deep Dive - GlobusWorld 2024
Globus Connect Server Deep Dive - GlobusWorld 2024Globus Connect Server Deep Dive - GlobusWorld 2024
Globus Connect Server Deep Dive - GlobusWorld 2024
 
Lecture 1 Introduction to games development
Lecture 1 Introduction to games developmentLecture 1 Introduction to games development
Lecture 1 Introduction to games development
 
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
 
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...
 
Pro Unity Game Development with C-sharp Book
Pro Unity Game Development with C-sharp BookPro Unity Game Development with C-sharp Book
Pro Unity Game Development with C-sharp Book
 
Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024
 
Large Language Models and the End of Programming
Large Language Models and the End of ProgrammingLarge Language Models and the End of Programming
Large Language Models and the End of Programming
 
Prosigns: Transforming Business with Tailored Technology Solutions
Prosigns: Transforming Business with Tailored Technology SolutionsProsigns: Transforming Business with Tailored Technology Solutions
Prosigns: Transforming Business with Tailored Technology Solutions
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
Introduction to Pygame (Lecture 7 Python Game Development)
Introduction to Pygame (Lecture 7 Python Game Development)Introduction to Pygame (Lecture 7 Python Game Development)
Introduction to Pygame (Lecture 7 Python Game Development)
 
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
 
Developing Distributed High-performance Computing Capabilities of an Open Sci...
Developing Distributed High-performance Computing Capabilities of an Open Sci...Developing Distributed High-performance Computing Capabilities of an Open Sci...
Developing Distributed High-performance Computing Capabilities of an Open Sci...
 
Understanding Globus Data Transfers with NetSage
Understanding Globus Data Transfers with NetSageUnderstanding Globus Data Transfers with NetSage
Understanding Globus Data Transfers with NetSage
 
Enterprise Resource Planning System in Telangana
Enterprise Resource Planning System in TelanganaEnterprise Resource Planning System in Telangana
Enterprise Resource Planning System in Telangana
 

Bewährte Praktiken für HCL Notes/Domino-Sicherheit Teil 1: Der Notes-Client

  • 1. Make Your Data Work For You Best Practices for HCL Notes/Domino Security Part 1: The Notes Client 16th March 2021
  • 2. Daniel Klas @panagenda Inbound Marketing Coordinator panagenda Marc Thomas @IAM_Mthomas Senior Consultant panagenda Speakers Join the conversation using #NotesDominoSecurity & @panagenda
  • 3. Agenda 1. Introduction 2. Secure client-server communication over any port (with and without SafeLinx) 3. Safeguarding data in local replicas/databases 4. Protecting the client environment from running untrusted code 5. Staying current with security updates 6. Authentication security
  • 4.
  • 5. 1. Introduction – Available clients • Available clients – HCL Notes – Basic configuration – HCL Notes – Standard (incl. Eclipse) – HCL Notes – Standard (incl. Eclipse + Admin and/or Designer client) – HCL Client Application Access – aka HCAA – HCL Nomad – mobile app for Android – HCL Nomad – mobile app for iOS/iPadOS – HCL Nomad Web (beta) – via Browser – HCL Verse – via Browser
  • 6. 2. Secure client-server communication – Client • NRPC port settings – NRPC = Notes remote procedure call – Port 1352 – Legacy • LAN0 / COM(.*) / DisabledPorts → Should be removed – Port settings in notes.ini • Ports=TCPIP • TCPIP = TCP,0,15,0,,45056, → with encryption only • TCPIP = TCP,0,15,0,,45088, → with encryption & compression • TCPIP = TCP,0,15,0,,12288, → DEFAULT - without encryption & compression
  • 7. 2. Secure client-server communication – Server • Legacy/Default port encryption for Notes/Domino – RC4 128Bit (Rivest Cipher 4) • Best practice settings for port encryption on Domino server >= 9.0.1 Fix Pack 7 – AES-GCM 128Bit (Advanced Encryption Standard) – notes.ini → PORT_ENC_ADV=84 • See the following Technote for details and read before you use the parameter: – https://help.hcltechsw.com/domino/11.0.1/admin/conf_port_enc_adv_r.html
  • 8. 2. Secure client-server communication – mobile app • HCL Nomad mobile app – Classic → NRPC (direct using VPN/Passthrough) – New → SSL Tunneling (port 443) using Nomad Proxy aka HCL SafeLinx
  • 9. 3. Safeguarding data in local replicas/databases • Local replicas of (Domino) server databases – One of the most powerful features of Notes/Domino is “Replication” – Almost every customer has local replicas on some or on all Notes clients (managed and/or unmanaged) – Local replicas in general should always be encrypted – Use “Strong Encryption” or even better “128 bit AES”
  • 10. 3. Safeguarding data in local replicas/databases (cont.) • Access Control List (ACL) of local replicas – Use the option “Enforce a consistent Access Control List” in the ACL’s of your server Application Databases to ensure ACL is identical on all replicas (incl. local).
  • 11. 4. Protecting the client environment from running untrusted code • Execution Control List (ECL) – The ECL takes care that code only gets executed if the “code signer” is trusted – Either a user or admins can put “signers/users” on the ECL – Using an Administration-ECL or manage the ECL (incl. lock down) is highly recommended and also ensures that a user cannot add users/Signers to the list • If a user then gets an “Execution Security Alert” → it is a security alert!
  • 12. 5. Staying current with security updates • Do you remember our first slide? • Available clients – HCL Notes – Basic configuration – HCL Notes – Standard (incl. Eclipse) – HCL Notes – Standard (incl. Eclipse + Admin and/or Designer client) – HCL Client Application Access – aka HCAA – HCL Nomad – mobile app for Android – HCL Nomad – mobile app for iOS/iPadOS – HCL Nomad Web (beta) – via Browser – HCL Verse – via Browser
  • 13. 5. Staying current with security updates (cont.) • Do you remember our first slide? • Available clients and latest releases – HCL Notes 11.0.1 FP2 SHF46 – Basic configuration – HCL Notes 11.0.1 FP2 SHF46 – Standard (incl. Eclipse) – HCL Notes 11.0.1 FP2 SHF46 – Standard (incl. Eclipse + Admin and/or Designer client) – HCL Client Application Access 3.0.3 – aka HCAA – HCL Nomad 1.0.15 20210219-1541 – mobile app for Android – HCL Nomad 1.0.11– mobile app for iOS/iPadOS – HCL Nomad Web (beta) – via Browser – HCL Verse 2.0.1 – via Browser
  • 14. 5. Staying current with security updates (cont.) • More security options – The newer the version, the more modern and better the security options and features • Vulnerability – The older the version, the higher the risk of being vulnerable – Check out this link (sorted in ascending order by date): https://support.hcltechsw.com/csm?id=kb_search&spa=1&language=en&u_document_type=Security%20B ulletin&kb_category=1ec026dc1b45730083cb86e9cd4bcb24
  • 15. 6. Authentication security • The following may sound silly, but – PLEASE use ID files protected with passwords – Use a Security-Policy to force password • expiration after xx days • complexity • Single Sign-On (SSO) may help here – Comfort combined with security – Notes Shared Login (NSL) • https://help.hcltechsw.com/domino/11.0.1/admin/conf_usingnotessharedlogintosuppresspasswordpr ompts_c.html – Notes Federated Login (NFL) • https://help.hcltechsw.com/domino/11.0.1/admin/secu_using_security_assertion_markup_language_saml _to_configure_federated_identity_authentication_t.html?hl=federated%2Clogin
  • 16. - Commercial break - All the 6 topics and more can be easily covered/solved/managed by
  • 17. Daniel Klas @panagenda Inbound Marketing Coordinator panagenda Marc Thomas @IAM_Mthomas Senior Consultant panagenda Q & A Join the conversation using #NotesDominoSecurity & @panagenda
  • 18. Daniel Klas @panagenda Inbound Marketing Coordinator panagenda Marc Thomas @IAM_Mthomas Senior Consultant panagenda Thank you! Join the conversation using #NotesDominoSecurity & @panagenda
  • 19. Daniel Klas @panagenda Inbound Marketing Coordinator panagenda Marc Thomas @IAM_Mthomas Senior Consultant panagenda Thank you! Join the conversation using #NotesDominoSecurity & @panagenda