Enviar pesquisa
Carregar
Alfresco Security Checklist for Best Practices
•
1 gostou
•
10,075 visualizações
Título melhorado com IA
Toni de la Fuente
Seguir
Alfresco Security Check List, as part of the Alfresco Security Best Practices guide.
Leia menos
Leia mais
Tecnologia
Denunciar
Compartilhar
Denunciar
Compartilhar
1 de 1
Baixar agora
Baixar para ler offline
Recomendados
Alfresco Security Best Practices 2012
Alfresco Security Best Practices 2012
Toni de la Fuente
Alfresco Backup and Recovery Tool: a real world backup solution for Alfresco
Alfresco Backup and Recovery Tool: a real world backup solution for Alfresco
Toni de la Fuente
TTL Alfresco Product Security and Best Practices 2017
TTL Alfresco Product Security and Best Practices 2017
Toni de la Fuente
Malware Detection with OSSEC HIDS - OSSECCON 2014
Malware Detection with OSSEC HIDS - OSSECCON 2014
Santiago Bassett
Iptablesrocks
Iptablesrocks
qwer_asdf
RIPE 70 Report Webinar
RIPE 70 Report Webinar
Men and Mice
IPv6 for Pentesters
IPv6 for Pentesters
NotSoSecure Global Services
RIPE 71 and IETF 94 reports webinar
RIPE 71 and IETF 94 reports webinar
Men and Mice
Recomendados
Alfresco Security Best Practices 2012
Alfresco Security Best Practices 2012
Toni de la Fuente
Alfresco Backup and Recovery Tool: a real world backup solution for Alfresco
Alfresco Backup and Recovery Tool: a real world backup solution for Alfresco
Toni de la Fuente
TTL Alfresco Product Security and Best Practices 2017
TTL Alfresco Product Security and Best Practices 2017
Toni de la Fuente
Malware Detection with OSSEC HIDS - OSSECCON 2014
Malware Detection with OSSEC HIDS - OSSECCON 2014
Santiago Bassett
Iptablesrocks
Iptablesrocks
qwer_asdf
RIPE 70 Report Webinar
RIPE 70 Report Webinar
Men and Mice
IPv6 for Pentesters
IPv6 for Pentesters
NotSoSecure Global Services
RIPE 71 and IETF 94 reports webinar
RIPE 71 and IETF 94 reports webinar
Men and Mice
The KNOT DNS Server
The KNOT DNS Server
Men and Mice
Why Managed Service Providers Should Embrace Container Technology
Why Managed Service Providers Should Embrace Container Technology
Sagi Brody
Kamailio - Large Unified Communication Platforms
Kamailio - Large Unified Communication Platforms
Daniel-Constantin Mierla
What is new in BIND 9.11?
What is new in BIND 9.11?
Men and Mice
Apache web-server-security
Apache web-server-security
Andrew Carr
Snappy Kamailio
Snappy Kamailio
Daniel-Constantin Mierla
Yeti DNS - Experimenting at the root
Yeti DNS - Experimenting at the root
Men and Mice
Getting started with salt stack
Getting started with salt stack
Suresh Paulraj
FreeSWITCH on Docker
FreeSWITCH on Docker
建澄 吳
Getting started with SIP Express Media Server SIP app server and SBC - workshop
Getting started with SIP Express Media Server SIP app server and SBC - workshop
stefansayer
Snort296x centos6x 2
Snort296x centos6x 2
Trinh Tuan
High Availability Asterisk and FreePBX on Microsoft Azure
High Availability Asterisk and FreePBX on Microsoft Azure
Sanjay Willie
Project Basecamp: News From Camp 4
Project Basecamp: News From Camp 4
Digital Bond
UKOUG Tech17 - Stay Secure With Oracle Solaris
UKOUG Tech17 - Stay Secure With Oracle Solaris
JomaSoft
XFLTReaT: A New Dimension In Tunnelling (DeepSec 2017)
XFLTReaT: A New Dimension In Tunnelling (DeepSec 2017)
Balazs Bucsay
Cisco asa active,active failover configuration
Cisco asa active,active failover configuration
IT Tech
DNSTap Webinar
DNSTap Webinar
Men and Mice
Presentation1
Presentation1
Ma.Danna Inigo
What happens when firefox crashes?
What happens when firefox crashes?
Erik Rose
DevOpsDaysRiga 2017: Mandi Walls - Building security into your workflow with ...
DevOpsDaysRiga 2017: Mandi Walls - Building security into your workflow with ...
DevOpsDays Riga
Inspec: Turn your compliance, security, and other policy requirements into au...
Inspec: Turn your compliance, security, and other policy requirements into au...
Kangaroot
InSpec - June 2018 at Open28.be
InSpec - June 2018 at Open28.be
Mandi Walls
Mais conteúdo relacionado
Mais procurados
The KNOT DNS Server
The KNOT DNS Server
Men and Mice
Why Managed Service Providers Should Embrace Container Technology
Why Managed Service Providers Should Embrace Container Technology
Sagi Brody
Kamailio - Large Unified Communication Platforms
Kamailio - Large Unified Communication Platforms
Daniel-Constantin Mierla
What is new in BIND 9.11?
What is new in BIND 9.11?
Men and Mice
Apache web-server-security
Apache web-server-security
Andrew Carr
Snappy Kamailio
Snappy Kamailio
Daniel-Constantin Mierla
Yeti DNS - Experimenting at the root
Yeti DNS - Experimenting at the root
Men and Mice
Getting started with salt stack
Getting started with salt stack
Suresh Paulraj
FreeSWITCH on Docker
FreeSWITCH on Docker
建澄 吳
Getting started with SIP Express Media Server SIP app server and SBC - workshop
Getting started with SIP Express Media Server SIP app server and SBC - workshop
stefansayer
Snort296x centos6x 2
Snort296x centos6x 2
Trinh Tuan
High Availability Asterisk and FreePBX on Microsoft Azure
High Availability Asterisk and FreePBX on Microsoft Azure
Sanjay Willie
Project Basecamp: News From Camp 4
Project Basecamp: News From Camp 4
Digital Bond
UKOUG Tech17 - Stay Secure With Oracle Solaris
UKOUG Tech17 - Stay Secure With Oracle Solaris
JomaSoft
XFLTReaT: A New Dimension In Tunnelling (DeepSec 2017)
XFLTReaT: A New Dimension In Tunnelling (DeepSec 2017)
Balazs Bucsay
Cisco asa active,active failover configuration
Cisco asa active,active failover configuration
IT Tech
DNSTap Webinar
DNSTap Webinar
Men and Mice
Presentation1
Presentation1
Ma.Danna Inigo
Mais procurados
(18)
The KNOT DNS Server
The KNOT DNS Server
Why Managed Service Providers Should Embrace Container Technology
Why Managed Service Providers Should Embrace Container Technology
Kamailio - Large Unified Communication Platforms
Kamailio - Large Unified Communication Platforms
What is new in BIND 9.11?
What is new in BIND 9.11?
Apache web-server-security
Apache web-server-security
Snappy Kamailio
Snappy Kamailio
Yeti DNS - Experimenting at the root
Yeti DNS - Experimenting at the root
Getting started with salt stack
Getting started with salt stack
FreeSWITCH on Docker
FreeSWITCH on Docker
Getting started with SIP Express Media Server SIP app server and SBC - workshop
Getting started with SIP Express Media Server SIP app server and SBC - workshop
Snort296x centos6x 2
Snort296x centos6x 2
High Availability Asterisk and FreePBX on Microsoft Azure
High Availability Asterisk and FreePBX on Microsoft Azure
Project Basecamp: News From Camp 4
Project Basecamp: News From Camp 4
UKOUG Tech17 - Stay Secure With Oracle Solaris
UKOUG Tech17 - Stay Secure With Oracle Solaris
XFLTReaT: A New Dimension In Tunnelling (DeepSec 2017)
XFLTReaT: A New Dimension In Tunnelling (DeepSec 2017)
Cisco asa active,active failover configuration
Cisco asa active,active failover configuration
DNSTap Webinar
DNSTap Webinar
Presentation1
Presentation1
Semelhante a Alfresco Security Checklist for Best Practices
What happens when firefox crashes?
What happens when firefox crashes?
Erik Rose
DevOpsDaysRiga 2017: Mandi Walls - Building security into your workflow with ...
DevOpsDaysRiga 2017: Mandi Walls - Building security into your workflow with ...
DevOpsDays Riga
Inspec: Turn your compliance, security, and other policy requirements into au...
Inspec: Turn your compliance, security, and other policy requirements into au...
Kangaroot
InSpec - June 2018 at Open28.be
InSpec - June 2018 at Open28.be
Mandi Walls
InSpec Workflow for DevOpsDays Riga 2017
InSpec Workflow for DevOpsDays Riga 2017
Mandi Walls
DEFCON 23 - Patrick Wardle - stick that in your (root)pipe and smoke it
DEFCON 23 - Patrick Wardle - stick that in your (root)pipe and smoke it
Felipe Prado
Salt conf 2014 - Using SaltStack in high availability environments
Salt conf 2014 - Using SaltStack in high availability environments
Benjamin Cane
Prescriptive System Security with InSpec
Prescriptive System Security with InSpec
All Things Open
Prescriptive Security with InSpec - All Things Open 2019
Prescriptive Security with InSpec - All Things Open 2019
Mandi Walls
Alfresco Security Best Practices 2014
Alfresco Security Best Practices 2014
Toni de la Fuente
OSDC 2017 - Mandi Walls - Building security into your workflow with inspec
OSDC 2017 - Mandi Walls - Building security into your workflow with inspec
NETWAYS
Adding Security to Your Workflow with InSpec (MAY 2017)
Adding Security to Your Workflow with InSpec (MAY 2017)
Mandi Walls
Alfresco sdk 2.0
Alfresco sdk 2.0
Yoshi Aochi
Lecture1: NGS Analysis on Beocat and an introduction to Perl programming for ...
Lecture1: NGS Analysis on Beocat and an introduction to Perl programming for ...
Jennifer Shelton
OSDC 2017 | Building Security Into Your Workflow with InSpec by Mandi Walls
OSDC 2017 | Building Security Into Your Workflow with InSpec by Mandi Walls
NETWAYS
InSpec For DevOpsDays Amsterdam 2017
InSpec For DevOpsDays Amsterdam 2017
Mandi Walls
Building Security into Your Workflow with InSpec
Building Security into Your Workflow with InSpec
Mandi Walls
Symfony Live NYC 2014 - Rock Solid Deployment of Symfony Apps
Symfony Live NYC 2014 - Rock Solid Deployment of Symfony Apps
Pablo Godel
The Scientific Filesystem
The Scientific Filesystem
Vanessa S
2019 Chef InSpec Jumpstart Part 1 of 2
2019 Chef InSpec Jumpstart Part 1 of 2
Larry Eichenbaum
Semelhante a Alfresco Security Checklist for Best Practices
(20)
What happens when firefox crashes?
What happens when firefox crashes?
DevOpsDaysRiga 2017: Mandi Walls - Building security into your workflow with ...
DevOpsDaysRiga 2017: Mandi Walls - Building security into your workflow with ...
Inspec: Turn your compliance, security, and other policy requirements into au...
Inspec: Turn your compliance, security, and other policy requirements into au...
InSpec - June 2018 at Open28.be
InSpec - June 2018 at Open28.be
InSpec Workflow for DevOpsDays Riga 2017
InSpec Workflow for DevOpsDays Riga 2017
DEFCON 23 - Patrick Wardle - stick that in your (root)pipe and smoke it
DEFCON 23 - Patrick Wardle - stick that in your (root)pipe and smoke it
Salt conf 2014 - Using SaltStack in high availability environments
Salt conf 2014 - Using SaltStack in high availability environments
Prescriptive System Security with InSpec
Prescriptive System Security with InSpec
Prescriptive Security with InSpec - All Things Open 2019
Prescriptive Security with InSpec - All Things Open 2019
Alfresco Security Best Practices 2014
Alfresco Security Best Practices 2014
OSDC 2017 - Mandi Walls - Building security into your workflow with inspec
OSDC 2017 - Mandi Walls - Building security into your workflow with inspec
Adding Security to Your Workflow with InSpec (MAY 2017)
Adding Security to Your Workflow with InSpec (MAY 2017)
Alfresco sdk 2.0
Alfresco sdk 2.0
Lecture1: NGS Analysis on Beocat and an introduction to Perl programming for ...
Lecture1: NGS Analysis on Beocat and an introduction to Perl programming for ...
OSDC 2017 | Building Security Into Your Workflow with InSpec by Mandi Walls
OSDC 2017 | Building Security Into Your Workflow with InSpec by Mandi Walls
InSpec For DevOpsDays Amsterdam 2017
InSpec For DevOpsDays Amsterdam 2017
Building Security into Your Workflow with InSpec
Building Security into Your Workflow with InSpec
Symfony Live NYC 2014 - Rock Solid Deployment of Symfony Apps
Symfony Live NYC 2014 - Rock Solid Deployment of Symfony Apps
The Scientific Filesystem
The Scientific Filesystem
2019 Chef InSpec Jumpstart Part 1 of 2
2019 Chef InSpec Jumpstart Part 1 of 2
Mais de Toni de la Fuente
SANS Cloud Security Summit 2018: Forensics as a Service
SANS Cloud Security Summit 2018: Forensics as a Service
Toni de la Fuente
OWASP Atlanta 2018: Forensics as a Service
OWASP Atlanta 2018: Forensics as a Service
Toni de la Fuente
Alfresco DevCon 2018: From Zero to Hero Backing up Alfresco
Alfresco DevCon 2018: From Zero to Hero Backing up Alfresco
Toni de la Fuente
Alabama CyberNow 2018: Cloud Hardening and Digital Forensics Readiness
Alabama CyberNow 2018: Cloud Hardening and Digital Forensics Readiness
Toni de la Fuente
Prowler: BlackHat Europe Arsenal 2018
Prowler: BlackHat Europe Arsenal 2018
Toni de la Fuente
Alfresco DevCon 2019: Encryption at-rest and in-transit
Alfresco DevCon 2019: Encryption at-rest and in-transit
Toni de la Fuente
From zero to hero Backing up alfresco
From zero to hero Backing up alfresco
Toni de la Fuente
Automate or die! Rootedcon 2017
Automate or die! Rootedcon 2017
Toni de la Fuente
Seguridad en Internet para todos los públicos
Seguridad en Internet para todos los públicos
Toni de la Fuente
Storage and Alfresco
Storage and Alfresco
Toni de la Fuente
Alfresco Security Best Practices Guide
Alfresco Security Best Practices Guide
Toni de la Fuente
Alfresco Backup and Disaster Recovery White Paper
Alfresco Backup and Disaster Recovery White Paper
Toni de la Fuente
Alfresco One (Enterprise) vs Alfresco Community 2014
Alfresco One (Enterprise) vs Alfresco Community 2014
Toni de la Fuente
Comparativa entre Alfresco Enterprise vs Community
Comparativa entre Alfresco Enterprise vs Community
Toni de la Fuente
Monitoring Alfresco with Nagios/Icinga
Monitoring Alfresco with Nagios/Icinga
Toni de la Fuente
Nuevo Alfresco Records Management 2.0
Nuevo Alfresco Records Management 2.0
Toni de la Fuente
Consejos de seguridad con Alfresco
Consejos de seguridad con Alfresco
Toni de la Fuente
Alfresco y SOLR, presentación en español
Alfresco y SOLR, presentación en español
Toni de la Fuente
Alfresco Day Madrid - Jeff Potts - Community
Alfresco Day Madrid - Jeff Potts - Community
Toni de la Fuente
Alfresco Day Madrid - Jeff Potts - Activiti
Alfresco Day Madrid - Jeff Potts - Activiti
Toni de la Fuente
Mais de Toni de la Fuente
(20)
SANS Cloud Security Summit 2018: Forensics as a Service
SANS Cloud Security Summit 2018: Forensics as a Service
OWASP Atlanta 2018: Forensics as a Service
OWASP Atlanta 2018: Forensics as a Service
Alfresco DevCon 2018: From Zero to Hero Backing up Alfresco
Alfresco DevCon 2018: From Zero to Hero Backing up Alfresco
Alabama CyberNow 2018: Cloud Hardening and Digital Forensics Readiness
Alabama CyberNow 2018: Cloud Hardening and Digital Forensics Readiness
Prowler: BlackHat Europe Arsenal 2018
Prowler: BlackHat Europe Arsenal 2018
Alfresco DevCon 2019: Encryption at-rest and in-transit
Alfresco DevCon 2019: Encryption at-rest and in-transit
From zero to hero Backing up alfresco
From zero to hero Backing up alfresco
Automate or die! Rootedcon 2017
Automate or die! Rootedcon 2017
Seguridad en Internet para todos los públicos
Seguridad en Internet para todos los públicos
Storage and Alfresco
Storage and Alfresco
Alfresco Security Best Practices Guide
Alfresco Security Best Practices Guide
Alfresco Backup and Disaster Recovery White Paper
Alfresco Backup and Disaster Recovery White Paper
Alfresco One (Enterprise) vs Alfresco Community 2014
Alfresco One (Enterprise) vs Alfresco Community 2014
Comparativa entre Alfresco Enterprise vs Community
Comparativa entre Alfresco Enterprise vs Community
Monitoring Alfresco with Nagios/Icinga
Monitoring Alfresco with Nagios/Icinga
Nuevo Alfresco Records Management 2.0
Nuevo Alfresco Records Management 2.0
Consejos de seguridad con Alfresco
Consejos de seguridad con Alfresco
Alfresco y SOLR, presentación en español
Alfresco y SOLR, presentación en español
Alfresco Day Madrid - Jeff Potts - Community
Alfresco Day Madrid - Jeff Potts - Community
Alfresco Day Madrid - Jeff Potts - Activiti
Alfresco Day Madrid - Jeff Potts - Activiti
Último
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
Scott Keck-Warren
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
Mark Billinghurst
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
Curtis Poe
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
Lars Bell
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
Enterprise Knowledge
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
Hervé Boutemy
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
Sergiu Bodiu
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
Kalema Edgar
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
Fwdays
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
Miki Katsuragi
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
Alan Dix
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
Florian Wilhelm
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
DianaGray10
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
Lonnie McRorey
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
charlottematthew16
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
null - The Open Security Community
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
Addepto
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
Mattias Andersson
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
NavinnSomaal
Último
(20)
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
Alfresco Security Checklist for Best Practices
1.
Alfresco Security Best
Practices 46! ! Appendix I: Security Checklist Alfresco(Security(Check(List( This!is!a!list!of!basics!checks!to!perform!in!any!Alfresco!production!deployment.!In!case!of!cluster,!these!checks!should!be! passed!to!all!nodes.!Please!read!this!document!before!in!order!to!understand!all!checks!below:! Server!Name:!____________________________________! Server!IP!Address:!________________________________! ! Last!Service!Pack!/!Hot!fix!of!the!Alfresco!existing! version!installed! ! Changed!default!admin!password! ! If!Linux,!run!the!application!server!as!non!root! user! ! Changed!the!default!JMX!passwords!for! controlRole!and!monitorRole! ! Switched!to!SSL!all!required!services!using!a! custom/owned!certificate!(not!default!cert):! ! HTTP!/!Webdav!/!API! ! Enable!HSTS! ! Force!secure!cookies! ! SharePoint!Protocol! ! IMAP! ! FTP! ! SMTP!INBOUND! ! SMTP!OUTBOUND! ! Solr!(SSL!by!default),!if!in!separate!tier! ! If!clustered:!JGroups!or!Hazelcast! (optional)! ! Alfresco!JDBC!to!DB!communication! (optional)! ! Check!certificate!strength!! ! Change!file!permissions!to!allow!only!the! application!user!to!see!and!write!these!files! and/or!directories!(i.e.!Linux:!chmod!0600!<pathL toLfile>):!! ! “alfrescoLglobal.properties”! ! “dir_root/contentstore”! ! “dir_root/solr”!or!“dir_root/luceneL indexes”! ! Alfresco!and!application!server!logs!are!all!in!the! same!directory,!with!the!proper!security! permissions!and!logs!rotation!configured!(app! server!logs,!alfresco.log,!share.log,!solr.log)! ! If!Alfresco!is!connected!to!internet!remove!the! Alfresco!banner!in!the!Share!login!page! ! If!LDAP,!AD!or!third!party!authentication!is! enabled,!any!communication!between!Alfresco! and!the!authentication!server!is!through!SSL!(i.e.! 636!TCP!for!LDAPS).! ! If!Alfresco!Replication!Service!is!needed:!! ! Use!HTTPS!! ! Do!not!replicate!with!“admin”!user! ! Disabled!unneeded!services! ! Enabled!audit!if!required! ! Disabled!guest!user! ! Backup!and!Disaster!Recovery!software! configured!and!tested!for!indexes,!db,! contentstore,!installation,!configuration!and! customization!files! ! Deleted!files!under!control! ! The!trashcan!has!to!be!emptied! manually!or!install!trashcancleaner! ! Configured!Alfresco!to!delete!files!from! file!system!when!the!trashcan!is! emptied!(eagerCleaner)! ! A!shell!script!to!delete! contentstore.deleted!once!a!week! ! Local!and!network!firewalls!are!properly! configured!for!both!inbound!and!outbound! traffic! ! Monitoring!services!availability!through!JMX! with!solutions!like!Hyperic,!Nagios!or!JMelody! ! Encryption!at!rest!is!enabled!(available!in! Alfresco!One!5.0)! ! Passwords!in!properties!files!are!encrypted! (available!in!Alfresco!One!5.0)! ! Check!“fileMserversMcustom.xml”!permissions!if! Kerberos!is!configured! ! Check!FSTR!configuration!files!permissions!if!is! configured!(it!has!password!inside)! ! Embedded!metadata!is!still!in!every!file,!clean! this!before!content!leaves!Alfresco,!to!prevent! information!leaks!through!metadata!! ! API,!services!and!Share!proxy!accesses!are! protected! ! In!case!of!integration!with!third!party! applications,!establish!a!dedicated!Alfresco! authenticated!user!versus!using!the!admin!user! ! CSRF!is!enabled!in!Alfresco!Share!(default)! ! Alfresco!Share!IFramePolicy!is!configured!as! “deny”! ! Enable! SecurityHeadersPolicy,! in! Share! that! mitigates!clickjacking!attacks!! ! Configure! HTML! processing! black/white! lists! (optional)! ! Custom!error!page!created!at!web!server!or! application!server!level!(optional)! ! Use!a!network!IDS!on!top!of!Alfresco!server! (optional)! ! Use!a!Web!Application!Firewall!on!top!of! Alfresco!(optional)! ! Use!an!antivirus!solution!at!the!server!side!or! through!communication!and!an!Advanced!Threat! Protection!System!(optional)
Baixar agora