Administration Console contains configuration information for all Access Manager components. If you federate your users with other servers, it stores configuration information about these users. You need to protect Administration Console so that unauthorized users cannot change configuration settings or gain access to the information in the configuration store.
When you develop a security plan for Access Manager, consider the following:
- Section 2.1, Managing Administration Console Session Timeout
- Section 2.2, Securing iManager Login Settings
- Section 2.3, Securing Administrator Accounts
- Section 2.4, Security Measures for Delegated Administrators
- Section 2.5, Protecting the Configuration Store
- Section 2.6, Disabling Weak Protocols
- Section 2.7, Configuring Stronger Ciphers for SSL Communication
- Section 2.8, Enabling Perfect Forward Secrecy
- Section 2.9, Disabling SSL Renegotiations
- Section 2.10, Customizing the Size of EDH Keys
- Section 2.11, Preventing Error Messages to Show the Failure Reason on Browsers
- Section 2.12, Samples of Recommended Settings in Configuration Files