<< Click to Display Table of Contents >> Navigation: Preparing for FYI > Server Setup and Security |
Your server infrastructure and set-up design are critical to ensuring that FYI Server and its companion products work together in a seamless fashion and that data processing is running at optimal levels. Planning your strategy in advance saves you frustration, time, and possibly even money in the future. The steps you take now in carefully implementing the product, server locations, database locations and network directories help ensure your success in using it.
•Port access and service protocols
•Server placement and network mapping
•Server firewalls and monitoring services
•Database firewalls
•User security
Plan your integration of FYI Server to ensure they coincide with your organization’s network policies and procedures and re-examine them for how they impact FYI Server requirements.
For more information about server firewalls, see About setting up and managing firewalls.
For more information about setting up user security, see About setting up user security.
For more information about clients and matters, see About clients and matters.
Identifying which administrators need access to the FYI Admin Console, Concordance, and FYI Reviewer is key to ensuring that ongoing maintenance gets performed.
Checklist: Identifying Administrative Tasks |
|
---|---|
Did you set up an administrator user ID and password in Microsoft Windows Services for the FYI Server to access servers where data resides? |
|
Do you know which administrators on your team need access to the FYI Admin Console? *Each user should have an individual user name and password. |
|
Additionally, have you identified which administrators on your team need access to Concordance administrative menu items? |
|
Do you have any administrators that need access to FYI Reviewer? *New users of FYI Server and FYI Reviewer may find that having administrator access to FYI Reviewer is helpful. |
|
Have you determined if there are varying levels of rights being granted to administrators? |
|
Do you know which administrators will be in charge of Concordance database processing (Zap, Pack, Index, Reindex), and for what clients, matters, and databases in the FYI Admin Console? |
|
Have you decided which administrators should receive e-mail alerts when a process fails to run or FYI Reviewer licenses need renewal, etc.? |
|
Have you determined which administrators are responsible for ensuring that packets are not dropped? |
|
Did you decide which administrators are responsible for resolving severe errors? |
One of the primary distinctions to make in advance is whether you are using external authentication to manage your users or are simply using Concordance security. FYI can authenticate users using Microsoft Active Directory while also allowing you to setup field and menu restrictions for each database with Concordance security.
•If you are installing the FYI Server on the DMZ (demilitarized zone), you should use the external authentication to set up users, in addition to setting Concordance security in each database.
•If you are installing the FYI Server on the LAN (local area network), you can simply use Concordance security, which at a minimum, requires that logins and passwords are set for each user in each individual database.
For more information about authentication, see About setting up user security.
Most FYI ASPs and organizations are managing hundreds of users simultaneously and they all need access to multiple matters and databases in remote locations. Designing a user matrix that identifies each user’s database access needs may be helpful to reference when setting up and managing user security.
Concordance security allows you to grant each user different read/write access to fields and menus within a database. Security settings, user roles or groups, and user role templates can be modified based on individual needs and do affect a user’s access to Concordance .FYI or FYI Reviewer. Understanding what key settings need to be retained in order for users to access the software and underlying databases helps you minimize problem solving later.
Additionally, FYI Server allows you to control what databases and matters are viewable and accessible to a user based on client and matter organization within the FYI Admin Console on the Management tab.
The FYI Server and FYI Reviewer do not support user names, passwords, or database names containing characters in Unicode. FYI Reviewer only supports user names, passwords, or database names containing single-byte characters, such as English characters. |
If your organization uses FYI Server and FYI Reviewer, be sure to only use single-byte characters when creating user names, passwords, and database names in Concordance.
For more information about setting up users and user security in FYI Server, see About setting up user security.
For more information about clients and matters, see About clients and matters.
Undoubtedly, you will be managing users who need access to either Concordance .FYI or FYI Reviewer. Most users should already have accounts and security applied within Concordance databases and you can import the user accounts directly into the FYI Server when registering a database in the Administration Console. Reference the following checklist to ensure you have completed necessary tasks for user implementation.
Checklist: Importing Users |
|
---|---|
|
Applying Security |
If you are using external authentication, did you set up all users first in the domain? *Passwords should be set to never expire. |
|
Did you ensure that Concordance user names match those used in the domain? |
|
Did you enable security and require logons in Concordance databases that are registered in the FYI Admin Console? |
|
Did you create pre-defined user templates to speed the implementation process and quickly add new users to databases later? |
|
If you added a new user later, did you remember to set them up in Microsoft Active Directory and/or Concordance databases, and then import them in the FYI Server when databases are synchronized? |
|
Did you remember to export your security information from Concordance to a .csv file? |
|
|
Synchronizing Databases |
When you synchronize databases in the FYI Admin Console to update the User list in the Management tab, did you remember to verify associations with clients, matters, and databases? |
|
|
Enabling Accounts |
Did you remember to enable each user account and set the maximum database on the General side tab on the User side tab in the FYI Admin Console? |
A registered database in FYI Server can be synchronized with a Concordance database. This updates the user lists - adding new users and removing deleted users. Databases can be synchronized automatically by clicking the Synchronize now button on the Management tab in the FYI Admin Console. Jobs can also be scheduled to synchronize databases.
A database administrator needs to be specified before a database with security enabled can be automatically synchronized. |
FYI Server uses the authentication logon name to determine a user's Concordance database rights, field rights, and menu security. If the user's logon name is not added to the Concordance database, the user will not have access to the database in FYI Reviewer. Check the Concordance database in Concordance and add user names and rights as needed.
If a database administrator is specified, FYI Server will update the user's password in Concordance when the user logs on to FYI Reviewer. An external authentication password takes precedence over a Concordance password. This allows the system administrators to use external security, such as Microsoft Windows, to set password policies, including expiration, renewal and format.
The first user to enter a user name and password when accessing the Security dialog box (File > Administration > Security) in Concordance, is deemed the database Supervisor. It is essential that this user name and password combination is tracked. Without them, the database security settings are essentially locked, since there is no backdoor to gain access to the security file.
It is recommended that the supervisor be given full access to the database in the Security dialog box in Concordance. This ensures that the supervisor is not accidentally locked out of the database.
The supervisor can add users to the Concordance database, assigning them field-specific rights and limiting their menu access.
For more information about adding users to a Concordance database, see About setting up user security.
The FYI Server and FYI Reviewer do not support user names, passwords, or database names containing characters in Unicode, such as Chinese or Japanese characters. Currently, FYI Server and FYI Reviewer only support user names, passwords, or database names containing single-byte characters, such as English characters. |
If your organization uses FYI Server and FYI Reviewer, be sure to only use single-byte characters when creating user names, passwords, and database names in Concordance.
1.Add all of the domain user names to the Concordance database and assign database rights and access.
i.For more information about adding users to a Concordance database, see About setting up user security.
2.Add the users to the domain server.
3.Insert the domain users on the Users side tab on the Management tab in the FYI Admin Console.
i.For more information about inserting domain users, see Updating the Users list.
If both the LDAP and Auxiliary server options are set, both server names are displayed when using the Insert Domain Users option. |
Users will be locked out of the database in FYI Reviewer if they are not added to the Concordance database as a first step. |