Interview

Lotus' Booth answers your ND6 security questions

Joyce Chutchian, Site Editor
What kind of antivirus solution do you recommend for scanning attachments, and where do you recommend installing it? We have antivirus software on the server and the client, but we are concerned about users in kiosks.
We do not recommend a specific vendor. I suggest you look at the Lotus partners and see who offers antivirus products. Since they are partners, they have tested with our products and do have access to technical help from the Lotus development team. Does the NRPC protocol now support 128-bit encryption after the initial authentication or do we have to use port encryption?
Yes, it does support 128-bit encryption, but it is not automatic. You must check the box for 128-bit encryption. Are you going to have a deployment tool in ND6?
There are many tools in Notes/Domino 6. There is a Redbook, best practice information and migration information within the documentation, etc. There are additional tools within each of the feature sets. I would suggest you download the code and then look at the specific area for the new features within that area. Where is the feature for password synch between Notes and Internet passwords?
Admins can set it via policy Why doesn't the smart card allow roaming user access?
Roaming user access is not supported at this time. When Roaming user rolls out, and we begin to see how our customers use this feature, then we can prioritize features that will be added to follow on releases. This is our first step in the implementation of PKCS#11 (smart card support), and we plan to provide broader feature support. Are you considering using a multi-user password strategy for a "Super Admin" account, so that it would take two people to activate it, thus ensuring appropriate management approval?
Today, you can configure an ID that has two or more approvals, so this would be a way to do what you ask. We also recommend that the "super admin" have a separate ID that is different from the standard ID that the admin uses. All actions are being logged, so it would track to the specific "super admin" ID. Also can you speak on how to prevent system admins from having access to read users' mail? How can we administer IDs and passwords so admins can do their job but not be able to read user mail files?
If the admin group is added to the ACL of the user's mail, then they can read the mail. A way to prevent the admin from reading the mail would be to have the users encrypt their mail. Does ND6 handle two-character organization/certifiers? For instance, the government of Canada is represented as GC (i.e. GC/CA or GC.CA).
No, we do not support this.

FOR MORE INFORMATION:

The Best Web Links on Notes security

Discuss other related issues with your peers in Chuck Connell's Notes/Domino security forum


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: