21.1 Securing the Teaming Data

21.1.1 Limiting Physical Access to Teaming Servers

Servers where NovellĀ® Teaming data resides should be kept physically secure, where unauthorized persons cannot gain access to the server consoles.

21.1.2 Protecting the Teaming File Repository

The Novell Teaming file repository contains unencrypted data. See Distributing Different Data Types to Different Locations in Advanced Installation and Reconfiguration in the Novell Teaming 2.0 Installation Guide for details about how NovellĀ® Teaming uses the local file system for data storage. These directories contain uploaded information in various formats (both native file formats and potentially a number of rendered formats (such as cached HTML versions of files, thumbnails, and RSS feeds) as well as archived data. These files are managed exclusively by the Teaming application software.

For data security, encrypted file systems should be used on servers where Teaming data resides. Only Teaming administrators should have direct access to Teaming data.

21.1.3 Protecting the Teaming Database

During installation, you select the encryption method that you want to use for the Novell Teaming database, as described in Database Encryption Algorithm in Basic Installation in the Novell Teaming 2.0 Installation Guide. Three levels of encryption strength are available. The encryption algorithm cannot be changed after you have started using the Teaming database, so be sure to select the level of encryption appropriate for your Teaming site during initial installation.

Depending on your local security guidelines, you might want to encrypt the database connections between the Novell Teaming software and the Teaming database. SSL-encrypted data between the Teaming application and the database server imposes a performance penalty because of the increased overhead of encrypting and decrypting the retrieved data.

Support for this is highly dependent on the database client drivers and JDBC* connector support, and on how you are configuring your database client and server certificates. You should check with your database vendor on how to set up SSL connections on both the client and server sides of the connection. You might need to modify the JDBC URL during installation, as described in Database Location in Basic Installation in the Novell Teaming 2.0 Installation Guide. For example, for MySQL, you might add useSSL=true&requireSSL=true to the options part of the JDBC URL.