OW5000 System Security Guidelines - NEC Corporation of America

More documents

Recommendations

Info

2-6 Securing the NetworkSQL may dynamically select are open in the fire wall. Ensure SQL ServerExpress Edition listens for an incoming client connection.NOTEUNIVERGE clients, UA5200 and EOSN, log events to the OAI Logging server (i.e.the UCE server). If the the client machine operation is very slow, it may be becausethe client is unable to connect to the Logging server. Two options for fixing this are(1) configure the client to connect to the UCE server's FQDN instead of thehostname; or (2) allow the client to connect to TCP port 445 on the UCE server.Please make sure that configurable ports, such as the Access Server Listen Port, isalso added properly.NOTEWindows ServicesIsolation of ServicesTo enforce security, the following is recommended:• Do not set OW5000 Server as a Domain Controller or GlobalAdministrator.• Do not install Microsoft SQL Server on a Domain Controller.• Disable all unnecessary Windows Services on the OW5000 server.• Do not enable the following Windows Services on the OW5000 server:—WINS—DHCP—FTP—SMTPThe OW5000 installation will fail when installed on a Domain Controller.IMPORTANTUCE Application Platform (UNIVERGE OW5000) System Security Guidelines - Revision 7
3-13Securing the Operating SystemChapter TopicsThis chapter provides recommendations to secure the Windows Server2003, 2008, Windows XP, Vista, and Windows 7 Operating Systems.• Server Administration• IIS Configuration• Virus Detection• Intrusion DetectionServer AdministrationFollow the recommendations below to ensure your operating system issecure. NEC recommends the basic server administration policies.• Enable the Windows Update service to receive Critical Update andSecurity Patch notices.• Enforce strong passwords.• Disable and delete user accounts as they become inactive.• Uncheck Password never expires for the accounts from computermanagement or customer maintained. Set passwords on indicatedaccount to expire.• Restrict Remote Access to administrators.• Restrict Anonymous - Select Administrative Tools > LocalSecurity Policy > Security Settings > Local policies > SecurityOptions: Additional restrictions for anonymous connections set to:No access without explicit anonymous permissions.REFERENCEFor more information on Securing the Operating System, go to http://www.microsoft.com. Keywords: Patch, Patch Management, Security, Securingyour Web Server.TIP128-bit encryption is available in a limited number of countries. Check with yourNetwork or System Administrator to determine if 128-bit encryption is available inyour area.UCE Application Platform (UNIVERGE OW5000) System Security Guidelines - Revision 7
Page 8: 1-2 Introduction• The procedures
Page 11 and 12: Securing the Network 2-3Firewall Co
Page 13: Securing the Network 2-5UC700 (cont
Page 17: Securing the Operating System 3-3Vi
Page 20 and 21: 4-2 Securing the DatabaseREFERENCEI
Page 22 and 23: 4-4 Securing the DatabaseUCE Applic
Page 24: NEC NEC CorporationUC for Enterpris

OW5000 System Security Guidelines - NEC Corporation of America

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?