Securing Internet Access to N4

While your N4 system may not be exposed to external users, you can still add Transport Layer Security or Secured Sockets Layer (TLS/SSL) for all web components. Navis recommends that you restrict access to your system by configuring TLS/SSL, keep services behind firewalls, and disable any ports that are not used.

In This Section

• Configure browser security for N4    1

• Enable HTTP Strict Transport Security (HSTS) Policy in N4    1

• Enable cross-origin resource sharing (CORS)    1

• Enable protection against Cross-Site Request Forgery for ECN4Web    1

• Configure security for remote JMX monitoring (3.6+)    1

• Configure SMTP over SSL/TSL    1

• Remote login to the XPS server    1

• Disable LLMNR and NetBIOS on Windows servers    1

• Server Message Block (SMB) signing    1

• File uploads    1

• Update Policies for the Azure Web Application Firewall    1