1. Manuals
  2. Brands
  3. Netscape Manuals
  4. Server
  5. NETSCAPE DIRECTORY SERVER 6.01 - DEPLOYMENT
  6. Deployment manual

Security Design - Netscape DIRECTORY SERVER 6.01 - DEPLOYMENT Deployment Manual

Hide thumbs
Table of Contents

Advertisement

A Multinational Enterprise and its Extranet
The same relationship as illustrated in Figure 8-14 exists between
and
example.com

Security Design

example.com
following access controls to support its new multinational intranet:
example.com
restrictive ACIs in each country and the branches beneath each country.
example.com
the directory.
example.com
of the ACI. When the directory gets an incoming LDAP operation, the ACI
macros are matched against the resource targeted by the LDAP operation. If
there is a match, the macro is replaced by the value of the DN of the targeted
resource.
For more information about macro ACIs, refer to the Netscape Directory Server
Administrator's Guide.
example.com
example.com
activities. When people log in to the extranet, they need a digital certificate.
The directory is used to store the certificates. Because the directory stores the
certificates, users can send encrypted email by looking up public keys stored in
the directory.
example.com
This protects the extranet from denial of service attacks.
example.com
example.com
the extranet can only use the tools provided by
extranet users to
administrators to use the audit logs to track the use of the directory and limits
the types of problems that can be introduced by extranet users outside of
example.com
166
Netscape Directory Server Deployment Guide • January 2002
Asia, and between
International builds upon its previous security design, adding the
adds general ACIs to the root of the intranet, creating more
decides to use macro ACIs to minimize the number of ACIs in
uses a macro to represent a DN in the target or bind rule portion
adds the following access controls to support its extranet:
decides to use certificate-based authentication for all extranet
creates an ACI that forbids anonymous access to the extranet.
wants updates to the directory data to come only from a
hosted application. This means that partners and suppliers using
's preferred tools allows
example.com
International.
Europe and
example.com
example.com
US
example.com
Asia.
example.com
. Restricting
example.com

Advertisement

Table of Contents
loading

Related Manuals for Netscape NETSCAPE DIRECTORY SERVER 6.01 - DEPLOYMENT

Related Content for Netscape NETSCAPE DIRECTORY SERVER 6.01 - DEPLOYMENT

This manual is also suitable for:

Directory server 6.01

Table of Contents