...
HTML |
---|
<p>Within the Windows Registry, right click and select <span class="keyword">New ? String Value</span> and name it <span class="keyword">HighSecurity</span>.</p> <p> Then, double-click on it and enter the Value of <span class="keyword">True</span>, as shown below:</p> <img class="screenshot naked" src="http://www.tri-line.com/common/img/documentation/tim_enterprise/HighSecurity.png" alt="HighSecurity Registry value" /> <p>When the <span class="keyword">HighSecurity</span> Registry value is set to <span class="keyword">True</span>, the following restrictions are imposed:-</p> <ol> <li> Ability to block individual web scripts by including them in a blacklist file: <div style="border-width: 1px;" class="code panel"><div class="codeContent panelContent"> <div><div class="syntaxhighlighter nogutter java" id="highlighter_500102318479"><div class="toolbar"><span><a class="toolbar_item command_help help" href="#">?</a></span></div>div><table <table cellspacing="0" cellpadding="0" border="0"><tbody><tr><td class="guttercode"><div class="line number1 index0 alt2">1</div></td><td class="code"> <div title="Hint: double-click to select code" class="container"><div class="line number1 index0 alt2"><code class="java plainstring">"\ssldata\{class}\blacklist.___"</code></div></div></td></tr> <tr></tbody></table></div></div> </div></div> </li> <li> Enforce password complexity for web users (additional Registry entries required)</li> <li> Forbid direct SQL queries through web interface</li> <li> System alert messages are silently suppressed</li> <li> System database connection tests forbidden</li> <li> Ability to (re)create system database tables inhibited</li> <li> Cannot change or test web (HTTP) port</li> <li> Cannot send test emails</li> <li> Debug information suppressed if a XSL translation error occurs</li> </ol> <h2>Web interface protocols</h2> <p>The default behaviour is to allow all protocols TLS1, SSL2 and SSL3.</p> <p>You can change the type of connection that TIM will respond to by adding the Registry String Value <span class="keyword">WWWSSLProtocol</span>.</p> <p>Note that this this is a case-insensitive string value with one of the following data values:</p> <table class="confluenceTable"> <tbody> <tr> <th class="confluenceTh" width=166>Registry String data value</th> <th class="confluenceTh">Description</th> </tr> <tr> <td class="confluenceTd"><span class="keyword">nossl</span></td> <td class="confluenceTd">No SSL protocols, behave like a standard HTTP server</td> </tr> <tr> <td class="confluenceTd"><span class="keyword">ssl23</span></td> <td class="confluenceTd">SSL2 and SSL3 protocols only</td> </tr> <tr> <td class="confluenceTd"><span class="keyword">ssl2</span></td> <td class="confluenceTd">SSL2 protocol only</td> </tr> <tr> <td class="confluenceTd"><span class="keyword">ssl3</span></td> <td class="confluenceTd">SSL3 protocol only</td> </tr> <tr> <td class="confluenceTd"><span class="keyword">tls1</span></td> <td class="confluenceTd">TLS1 protocol only</td> </tr> </tbody> </table> <h2>Password complexity</h2> <p>You can configure TIM Enterprise web users with complex passwords to match your organisation's IT password policy.</p> <p>To enable complex passwords, a Registry String Value <span class="keyword">PasswordComplexity</span> must be added.</p> <p>The use of the following data string values, allows you to configure how complex the passwords are:</p> |
...