Always ensure that the eDirectory servers are protected by a firewall. The NetWare Core Protocol (NCP) port, which is usually 524 by default, should be opened in the firewall to allow communication with other eDirectory servers in the tree. If required, you can also open the LDAPS port 636. Anonymous access and clear text LDAP port 389 should be disabled to prevent unauthorized access.
To ensure maximum security, it is recommended to keep the servers in a physically secure location and restrict access to only authorized personnel.