Secure communications

Plan how your business requirements and environment affect your approach to securing communications between the components of the system. Balance security with ease of use and performance.

Consider the relative locations and conditions, and the sensitivity of your data to plan for the appropriate security for the following connections:

Global Mailbox management tool
Secure connections using SSL/TLS.
Liberty profile
Global Mailbox uses the capabilities provided by the Liberty profile to enable secure communication with TSL/SSL.
NIST or FIPS compliance
You can configure Liberty and Global Mailbox to run in NIST or FIPS compliance.
Cluster nodes
Each Global Mailbox node in the cluster must be individually configured for TLS/SSL.
Apache Cassandra cluster
To restrict access to the server to trusted clients only, the connection between Global Mailbox and Cassandra must be secured. This is disabled by default. Enable it to secure the database server for the internal network.
Replication server
The SSH server used by replication server must have PasswordAuthentication turned on.
Application connections
SSL connections between Global Mailbox and the application are enabled by default; and are set during installation.
Firewall requirements
Ensure that your firewalls are configured to allow connections to the ports.