...
| HTML |
|---|
<p>Within the Windows Registry, right click and select <span class="keyword">New ? String Value</span> and name it <span class="keyword">HighSecurity</span>.</p> <p> Then, double-click on it and enter the Value of <span class="keyword">True</span>, as shown below:</p> <img class="screenshot naked" src="http://www.tri-line.com/common/img/documentation/tim_enterprise/HighSecurity.png" alt="HighSecurity Registry value" /> <p>When the <span class="keyword">HighSecurity</span> Registry value is set to <span class="keyword">True</span>, the following restrictions are imposed:-</p> <ol> <li> Ability to block individual web scripts by including them in a blacklist file: <div style="border-width: 1px;" class="code panel"><div class="codeContent panelContent"> <div><div class="syntaxhighlighter nogutter java" id="highlighter_318479"><div class="toolbar"><span><a class="toolbar_item command_help help" href="#">?</a></span></div><table cellspacing="0" cellpadding="0" border="0"><tbody><tr><td class="code"><div title="Hint: double-click to select code" class="container"><div class="line number1 index0 alt2"><code class="java string">" |
| Code Block | ||
|---|---|---|
| ||
"\ssldata\{class}\blacklist.___"</code></div></div></td></tr></tbody></table></div></div> </div></div> </ |
| HTML |
|---|
</li>
<li> Enforce password complexity for web users (additional Registry entries required)</li>
<li> Forbid direct SQL queries through web interface</li>
<li> System alert messages are silently suppressed</li>
<li> System database connection tests forbidden</li>
<li> Ability to (re)create system database tables inhibited</li>
<li> Cannot change or test web (HTTP) port</li>
<li> Cannot send test emails</li>
<li> Debug information suppressed if a XSL translation error occurs</li>
</ol>
<h2>Web interface protocols</h2>
<p>The default behaviour is to allow all protocols TLS1, SSL2 and SSL3.</p>
<p>You can change the type of connection that TIM will respond to by adding the Registry String Value <span class="keyword">WWWSSLProtocol</span>.</p>
<p>Note that this this is a case-insensitive string value with one of the following data values:</p>
<table class="confluenceTable">
<tbody>
<tr>
<th class="confluenceTh" width=166>Registry String data value</th>
<th class="confluenceTh">Description</th>
</tr>
<tr>
<td class="confluenceTd"><span class="keyword">nossl</span></td>
<td class="confluenceTd">No SSL protocols, behave like a standard HTTP server</td>
</tr>
<tr>
<td class="confluenceTd"><span class="keyword">ssl23</span></td>
<td class="confluenceTd">SSL2 and SSL3 protocols only</td>
</tr>
<tr>
<td class="confluenceTd"><span class="keyword">ssl2</span></td>
<td class="confluenceTd">SSL2 protocol only</td>
</tr>
<tr>
<td class="confluenceTd"><span class="keyword">ssl3</span></td>
<td class="confluenceTd">SSL3 protocol only</td>
</tr>
<tr>
<td class="confluenceTd"><span class="keyword">tls1</span></td>
<td class="confluenceTd">TLS1 protocol only</td>
</tr>
</tbody>
</table>
<h2>Password complexity</h2>
<p>You can configure TIM Enterprise web users with complex passwords to match your organisation's IT password policy.</p>
<p>To enable complex passwords, a Registry String Value <span class="keyword">PasswordComplexity</span> must be added.</p>
<p>The use of the following data string values, allows you to configure how complex the passwords are:</p> |
...