We are using Domino and Notes version 4.6.6b
I've recently tried out a connection method that allows my users to connect to our Domino server, using the Notes client, from anywhere in the world using the Internet.
This is achieved by creating: a) a location document that uses "local area network" as the location type, and b) a connection document for the Domino server with its IP address. The user connects to the internet, fires up the Notes client, and chooses the new location.
My router and firewall had to be configured to open up port 1352.
The user can now access all the databases that the ACLs allow.
Should I use certificates or do anything else to tighten security?
This is a standard operation. You are doing a normal Notes to Domino connection, but you are using the Internet as the communication pipe.
How secure is it? Pretty good, if you keep control over the Notes IDs that are in use and the ACL on the database. No one can read the database unless they have a valid Notes ID that is listed in the database ACL. You are already using certificates, since the Domino/Notes security method includes checking for a shared certifier.
One thing you might add is network traffic encryption, to prevent someone from "listening in" on the data as it moves over the Internet. (Although the hacker would have to be pretty clever to do this.) See Domino Administration Help. Go to the Index view, then see Ports / Encrypting.
Dig Deeper on Domino Resources - Part 4
Related Q&A from Chuck Connell
Is it possible to encrypt a user's name before sending an email? SearchDomino.com expert Chuck Connell weighs in. Continue Reading
Learn how to change authentication timeout interval for Domino Web Access logins. Continue Reading
SearchDomino.com expert Chuck Connell provides a resource for a Lotus Notes administrator who wants to filter out email containing the word "spam," ... Continue Reading