3.5.1 Secure operations
If you want to operate your JP1/DH - Server accessible to and from the Internet, you need to protect the system against server attacks or unauthorized access from a third-party. This subsection covers information related to secure operations of the system.
Also, even if you operate JP1/DH - Server in your private network, you can make use of the information depending on the security level you want.
- Organization of this subsection
(1) OS operations that follow security guides from your OS vendor
Examples of measures required to build and maintain a secure JP1/DH - Server machine environment include the following:
-
Having appropriate control over users, roles, and privileges for the OS
-
Eliminating unnecessary services and applications and limiting the role that the JP1/DH - Server machine plays
-
Monitoring logs and audit records
Security guides for Windows are available from the Microsoft web site. Follow these guides to take necessary measures.
(2) Access permissions
To control who and which systems have access to JP1/DH - Server, example measures include the following:
-
Filter access to the JP1/DH - Server server by using, for example, a reverse proxy.
-
Check logs of the reverse proxy periodically for any unauthorized access or attacks.
-
Consider taking measures such as blocking access from terrorist-supporting states or countries under a trade embargo.
(3) Virus scanning
When a user attempts to send a file, JP1/DH - Server copies it to a folder on the JP1/DH - Server machine, keeping it temporarily. This might result in storing a virus-infected file in the JP1/DH - Server machine if a user sends an infected file. JP1/DH - Server does not execute these files on the machine or open them with a corresponding application. However, spreading the virus-infected file to recipients must be avoided. For this purpose, you need to consider operations to install an anti-virus software on the JP1/DH - Server machine, and to monitor whether any virus-infected files are detected.
For details about the storage location for files sent and received by users, see 3.2.2 Storage folder for delivery data.
If an anti-virus program removes a file to be transferred or received from the disk on the JP1/DH - Server machine, the system deactivates the Download button on the web user-interface, disabling downloads of the file.