Securing DWA access

Hello,

We have a customer who has requested that webmail from Lotus Domino 8.0.2 be accessible from the public over https://webmail.companyname.com

What would be the best way to do this concerning security? We are considering using an SSL VPN box, but then there is a problem with integration of SSO. Is there some kind of example or proven configuration for this?

Best regards,

Damir

Subject: ideas

1- Put the server on the DMZ and replicate the mail files with an internal server.

2- Use SSL (force).

3- Raise the log to more “verbose” on the DMZ server.

4- Do not use AD integration, use the Domino directory to authenticate your users.

If you need a more secure environment…

4- Log all msgs to a mail-in database or create a filter to do that.

5- Force all users to use a certification key (like a token) to access the mail, not just the internet password.

ps- Do you need a cluster environment?

Subject: Re: ideas

An additional server is not possible. Also, AD integration is required for the internal network, but for this purpose I will need to justify several logins if we come up with more than one login …

Subject: Re: ideas

and no clustering is required …

Subject: AD integration

So… AD integration is just a way to deploy faster and more securely; I don't like to have an external server accessing my AD environment.

If you can't have two servers you really need a VPN. Do you have one? Firewall-1?

msn: cantisan at gmail com (if you need more help).

Subject: RE: AD integration

Yes, we have a firewall and it is a Fortinet FG200A, which supports SSL VPN. My plan is to use some kind of SSL (not necessarily this one from Fortinet; looking at Juniper SA700 or Citrix CAG also) in order to protect the environment. The issue is that customers required “only once to type in password and username” :-). So I am not investigating how to pass through AD/Lotus Domino 8.0.2 and SSL VPN authentication …

Damir