Learn how to ensure the highest security in PolicyServer.
Requirements for the environment where the PolicyServer should be installed:
- All administrators must be trusted and must not maliciously attempt to circumvent the security of the system.
- All administrators must be competent and well trained.
- The server should be located in a physically-secured room.
- The server should be hardened or secured.
To achieve the highest security for PolicyServer, implement the following:
|World Wide Web||Communicates to Endpoint Encryption clients and exchange Audit Policy data.||TCP: 80||Ensure that the IIS server is properly configured. .NET servers must also be enabled.|
|Sends alerts from the PolicyServer.||TCP: 25||Ensure that the email server is properly configured.SQL|
|SQL||Transfers SQL requests for Audit Policy data.||TCP: 1433 and UDP: 1434||Fixed port configuration must be used.|
- The ports listed above are for the default configuration.
- All unused services or ports should be disabled to prevent unauthorized access.
- The SQL Server should be hardened and secured.
- The server and SQL server should be backed up.
- The PolicyServer and all clients should be synchronized to a single time server.