![]() ![]() ![]() Instructions for disabling SSL, TLSv1, and/or TLSv1.1 can be found here. You can then select the ciphers that are considered strong (refer to part 1 of this article for guidance on what can be considered strong cryptography) by clicking the SSL/TLS Ciphers button.įor information regarding MFT Server support for TLS 1.2, read this. To force administrators to access the server using HTTPS, go to Settings > Web > REST tab. Consequently, when HTTPS is used, administrative passwords are encrypted during transmission. Requirement 2.3Īll communications between the JSCAPE MFT Server Web-based Administrative user interface and the server itself may be carried out via HTTPS, which in turn may be protected with TLS. Because these instructions are available online, these sample administrative login credentials are available for all to see. In fact, if possible, don't use "admin" for your admin username either. So I suggest you open Part 1 in another tab so it will be easier for you to refer to the details of a requirement on which a particular setting is based on.Īlthough JSCAPE's managed file transfer server does not come with any default system username and password, you might be tempted to enter the example admin username and password written in the documentation's installation instructions.įor example, in the installation instructions for Linux, there's a part in the online documentation that says:ĭon't use " secret " for your admin password. Here, we're going to show you how and where in JSCAPE MFT Server you can configure settings in order to meet those requirements.Īll I'll have here are the numbers corresponding to those PCI DSS requirements, each immediately followed by the setting that will help you meet them. In part 1, we enumerated all PCI-DSS requirements that directly affected password settings and practices. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |