|
Users are authenticated |
Yes |
Administrative users are authenticated via eDirectory™. |
|
Users are authorized |
Yes |
Users are authorized via eDirectory trustees. |
|
Access to configuration information is controlled |
Yes |
Access to the administrative interface is restricted to valid users that have write rights to the configuration files. |
|
Roles are used to control access |
Yes |
Configurable through iManager |
|
Logging and/or security auditing is done |
Yes |
Syslog on Linux. On NetWare®, messages go on the logger screen. XTier has its own logging mechanism on all platforms. XTlog is also used. |
|
Data on the wire is encrypted by default |
Yes |
Data is encrypted on the wire if SSL is used.
If SSL is not used, NetIdentity can be used to provide secure authentication. |
|
Stored data is encrypted |
No |
|
|
Passwords, keys, and any other authentication materials are stored encrypted |
Yes |
Usernames and passwords are encrypted. NetStorage configuration is encrypted in eDirectory. |
|
Security is on by default |
Yes |
This is a Web server setting, which can be turned on or off at the Web server. |