Although iManager leverages secure HTTP (SSL) for client communications, and secure LDAP connections between iManager and eDirectory servers, iManager does not, with the exception of reading encrypted attributes, utilize secure NCP connections for communications between iManager servers and eDirectory servers.
This is also true for the NCP connection used by Mobile iManager. The impact of this, which can result in some wire-level data exposure, can be mitigated through normal network security practices such as the following:
Locating all iManager servers behind the firewall
Locating iManager servers physically near their associated eDirectory servers
Physically securing iManager and eDirectory servers
Requiring remote administrators to use a VPN to access iManager and eDirectory servers
NOTE:Regardless of the wire-level encryption being used, passwords are always encrypted and protected as part of the iManager authentication process.