4.3 Securing Communications with a VPN If SSL Is Disabled

We recommend configuring Novell iFolder to use encryption for all data exchanges between its different components because iFolder data is not encrypted by default. If you configure iFolder not to use encryption between the enterprise server and client or between the Web access server and the user’s Web browser, the user data is susceptible to eavesdropping or packet sniffing by third parties outside the corporate firewall.

Even if you consider the corporate environment to be a trusted environment, a VPN (virtual private network) should be employed for server-client and server-browser connections in the following situations:

For accessing the Web Access server over a VPN, make sure to disable split tunneling so that the traffic goes through the VPN connection to the corporate network, not over the public Internet.

For information about configuring SSL features for these communications, see the following: