       |
|
You can set general options to change the local admin password, specify how often to look for report stylesheets, automatically upgrade clients to the current server version, and compress files stored on the Surround SCM Server.
You can also enable encryption to secure client/server communication. Encryption scrambles data to prevent interception, or eavesdropping, as it passes between clients and the Surround SCM Server. You can use RSA key exchange for stronger encryption keys if your network is potentially insecure or if users log in to Surround SCM from outside of your network. See Securing communication between clients and the Surround SCM Server for information about encryption, authentication, and key exchange methods used in Surround SCM.
1. Choose Tools > Administration > Server Options.
The Server Options dialog box opens with the General category selected.
2. Enter and confirm a new password to change the local SCM admin password.
A local SCM admin user is created when Surround SCM is installed. It is strongly recommended that you change the admin password to a unique password.
3. Select a Look for new server stylesheets time interval to set how often the Surround SCM Server should automatically check for new report stylesheets on the server.
4. Select Automatically upgrade Surround SCM clients to the current Surround SCM Server version to enable automatic client upgrading for clients connecting to this server.
Selecting this option ensures all users are running the correct version of Surround SCM.
5. Select Compress files stored on the Surround SCM Server to compress files and use as little disk space as possible.
6. Select Encrypt communication between clients and the server to encrypt all communication between clients and the Surround SCM Server, which reduces the likelihood of eavesdropping by hackers.
Encryption increases security, but may slightly affect performance. Select this option if your organization’s network is secure and no client applications outside of the network communicate with the Surround SCM Server.
Tip: Always use encryption to keep data secure unless you are evaluating Surround SCM or troubleshooting performance issues.
The OpenSSL version used by Surround SCM is displayed. Any vulnerabilities found in OpenSSL are published on the OpenSSL web site. To check if OpenSSL version displayed in Surround SCM has vulnerabilities that impact Surround SCM, check Seapine's knowledgebase or contact Seapine Support for information.
7. Select Use RSA key exchange to use strong key exchange for communication between clients and the Surround SCM Server.
RSA is a public key encryption algorithm that uses separate keys for encryption and decryption. Select this option if your organization stores sensitive information in Surround SCM and users log in to client applications outside of your network using a username and password. If you use RSA, the public key must be added to all clients that access the Surround SCM Server. See Configuring RSA key exchange for information about setting up RSA.
Note: This option is only available if Encrypt communication between clients and the server is selected.
8. Click OK to save the changes.
If you change key exchange options, Surround SCM client applications and the Surround SCM web and proxy servers must be updated. The following scenarios require further action after changing security settings.
| If you use: | And you change it to: | You need to: |
|---|---|---|
| No encryption | RSA key exchange | Download a settings file that Surround SCM client users need to import in the server connection settings. If you use Surround SCM Web or proxy servers, import the file in the Surround SCM Registry Utility on the corresponding server computer. |
| RSA key exchange | No encryption or basic encryption (Encrypt server communication between clients and the server is selected) | Remove the public key fingerprint from any clients that connect to the server. Click Remove in the server connection information in clients and in the options for servers in the Surround SCM Registry Utility. |
See Configuring RSA key exchange for information about adding and removing keys in Surround SCM clients.
| |
|