Network security

Physical network security is beyond the scope of this documentation, but you must set it up before you set up connection security. Physical network security prevents unauthorized users from breaking through the network and using one of the operating system's native services -- for example, file sharing -- to access the server. Physical network security also comes into play when any data is exposed, as the potential exists for malicious or unauthorized users to eavesdrop both on the network where the Domino® system resides and on the system you are using to set up the server.

Network access is typically controlled using network hardware -- such as filtering routers, firewalls, and proxy servers. Be sure to enable rules and connection pathways for the services that you and others will access.

Newer firewall systems offer virtual-private-network (VPN) services, which encapsulate the TCP/IP packet into another IP wrapper where the inner TCP/IP packet and its data are encrypted. This is a popular way to create virtual tunnels through the Internet between remote sites. If you want to have the Domino server access both a private VPN and the Internet for SMTP mail, make sure your solution is able to handle full TCP data packets and that it allows dual connections. If not, the Domino server system may require a second NIC to work around limitations of the VPN solution.