» Home»

Security and Compliance for IBM Domino Servers

 
Allow real-time audit and change prevention
Track Domino Directory changes
Ensure compliance with legal regulations
Control configuration changes
with One-Click rollback
Safeguard your ID Vault
Automate server restart with
password protected server IDs
IBM Domino Server provides a range of security measures but the configuration can easily get complicated and give rise to major security issues. It is impossible to satisfy the security and compliance requirements of a multi-server environment in organizations without having a reliable track record of the access and configuration changes.

DominoProtect is a third party extension for IBM Domino servers that simplifies the system management, ensures compliance with legal regulations and adds an essential extra layer of security to the IBM Domino environment.		 DominoProtect is a configuration management tool for handling changes in IBM Domino systematically so that the system maintains its integrity over time. It consists of the procedures and techniques that are required to manage, evaluate proposed changes, track the changes, and to maintain an inventory of system and support documents as the system changes.
 
Prevent and track configuration changes in real-time
 
Track all actions occurring to the protected elements, which can be groups, connection or domain documents in your Domino Directory, as well as any type of configuration documents or ACLs on your server. You can choose the level of protection needed: just monitor the opening or modifying of events, or prevent these from happening.

Provide flexible configuration options for elements to be protected as well as for actions to be processed (e.g. dialog box, e-mail notification). You can setup a protection for all relevant documents or specific forms, as well as single fields. The protection covers changes caused by replication as well as manual attempts. 		DominoProtect tracks or prevents changes in real-time which guarantees consistent systems and means no dangerous system failures due to bad configurations. This has a clear advantage over using a scheduled approach, wherein one can only be informed about changes after they have already occurred.

Configuration management through approval workflow
 
When the protection for a specific element is activated, a request based, integrated workflow for the protected configuration objects is enabled. For the creation, change or deletion of these objects, a change request will be created automatically, with an optional approval cycle and multiple actions to be executed, such as sending an e-mail, processing of agents or the pop-up of dialog boxes.The automatically generated detailed history of the changes will include who performed the change and when it occurred. All changes performed, all rejected change requests, as well as unsuccessful change attempts performed through the Notes Client or the Domino Administrator are recorded (audit trail).
 

Safeguard and secure ID Vault and Domino Directory
 
As the ID Vault contains both sensitive and critical data, securing the access and changes with reliable audit trail is crucial.

Securing the ID Vault is essential to meet the modern compliance needs. DominoProtect ensures a holistic approach for the security of the ID Vault.		Preventing access to the ID Vault, managing changes to the ID Vault’s ACL, securing Security Event log documents, notifying the security team in case of extraction of IDs, protecting the ID Vault Admins group documents – are just a few examples of how DominoProtect can be used to safeguard the ID Vault.
 

Protect Server IDs with password and start servers unattended
 
“We understand that most Domino servers are not password-protected to make unattended reboots simpler, but the vault server's ID file is a key element in the security of your ID Vault.”

“A sophisticated attacker with a vault database and one of the corresponding server IDs ... would have all of the cryptographic information needed to masquerade as the vault server and decrypt all of the ID files stored in the vault.” 		DominoProtect facilitates automatic and unattended starts of IBM Domino server for password protected Server IDs. It will assign a highly secure randomly-generated password for each Server ID. Through the automatic supply of this password, a secure start of the IBM Domino server is ensured and the dangerous practice of using Server IDs without password is eliminated.
- IBM

Prevent misusage of FullAdmin privileges
 
The Full Access Administration can be used to bypass many IBM Domino security restrictions, e.g. for directly updating ACLs and accessing sensitive data, for changing configuration documents in Domino Directory , or even for fraudulently acting under a name of another user. Protecting your IBM Domino environment with DominoProtect allows you to deactivate Full Admin Adminstration and hence restrict actions carried out through these privileges.

Additionally, you can choose to prevent changes to the FullAdmin field in Server document or subject them to approval workflow to follow the four-eye principle.
 

Ensure IBM Domino compliance for corporate governance and legal regulations
 
Ensure a secure and compliant IBM Domino server environment by automating change processes, hence taking away the responsibility of administrators to avoid the misuse of sensitive data. With one single location to check for all the configuration changes, DominoProtect will be a significant timesaver.

One-Click Rollback and Recovery
 
Provide the complete recovery for all configuration changes with just one click. In the event of an error, an immediate rollback to a previous version can be done in seconds.

Try it out!
 
System Requirements - Check out the full list of supported platforms
 
Product Broschure - Download the factsheet of DominoProtect
 
Download Trial - Get your DominoProtect trial version right now!
 
Request quote - Interested in buying DominoProtect? Request a personal price quote.