MACROMEDIA BREEZE 5 Installation And Configuration Manual Download Page 21 | Manualshive

Page: 21 / 100

MACROMEDIA BREEZE 5 Installation And Configuration Manual Download Page 21

Planning for security

21

Best practices

The following is a checklist of best practices that will assist you in securing Breeze.

•

Protect your servers with firewalls.

You should place the Breeze server behind a firewall, especially if Breeze is accessed through the
Internet. If you do not place Breeze behind a firewall, you are leaving the server open for
attacks. Your sensitive information is unsecured and open for theft. All servers should sit
behind a firewall, including the system(s) hosting Breeze and the database server.

•

Run only the services you need.

You should run only the services you need for Breeze. This means that you should not run
applications like a domain controller, a web server or an FTP server on the same computer as
Breeze. By reducing the number of applications and services running on the computer hosting
Breeze, you can minimize the chances that another application can be used to compromise the
Breeze server.

•

Update operating system security.

For Windows and other platforms, customers need to check regularly for critical updates that
close platform security holes and apply the required patches. Some of these issues are
eliminated by a firewall. In general customers should keep their servers patched with all current
security updates approved by Microsoft and the other appropriate platform vendors.

•

Update database security.

Since your database may be another targeted application of the Breeze solution, you need to
check for database server security holes and apply the required patches. Like the operating
system, some issues are eliminated by a firewall, but you must continue applying the latest
patches.

•

Secure host systems.

Customers who store sensitive information on their servers should be aware of the physical
security of their systems. Breeze relies on the safety of the host system against intruders, so
servers should be kept secured when private and confidential data is at risk. Breeze is designed
to take advantage of native environmental features like file system encryption.

•

Use strong passwords.

Breeze users are protected by passwords. Users, and particularly administrators, should choose
strong passwords to keep their data safe. Breeze enterprise installations often use Microsoft
SQL Server, which also requires strong password protection.

•

Perform regular security audits.

Users should audit their systems periodically to ensure that all security features they installed
are still operating as expected. For example, firewalls are easily tested using a port scanner for
validation.

«
...
19
20
21
22
23
...
»

Summary of Contents for BREEZE 5

Page 1: ...Installation and Configuration Guide...

Page 2: ...Macromedia endorses or accepts any responsibility for the content on those third party sites The following are trademarks of Microsoft Microsoft Windows Microsoft PowerPoint XP Windows 2000 Windows S...

Page 3: ...a Breeze Server cluster 24 Installation requirements 25 Breeze user requirements 27 The Breeze database 29 CHAPTER 2 Preparing to Upgrade 31 Overview 31 Before you begin 32 Backing up your Breeze fil...

Page 4: ...r 84 Maintaining Breeze reliability 87 CHAPTER 5 Verifying Your Installation 91 Verifying that the Breeze database and Breeze Server work together 92 Verifying that you can use Breeze Manager and send...

Page 5: ...e applications Breeze Server Makes it possible to quickly create multimedia presentations that combine audio and video with slides and graphics Breeze Events Lets users manage the full lifecycle of la...

Page 6: ...ion about using the Breeze web application to host online real time meetings The documentation includes procedures that demonstrate the simplicity of adding slides Flash SWF files images and live audi...

Page 7: ...he embedded database engine Integrating Breeze with a learning management system LMS Troubleshooting Additional resources Additional documentation white papers and articles are available at the follow...

Page 8: ...breeze contains current support information including technical notes helpful Breeze presentations and support program details Troubleshooting If you encounter unexpected results after installing Bre...

Page 9: ...25 Additional software requirements on page 27 Breeze user requirements on page 27 The Breeze database on page 29 Before you start the installation you should plan how Breeze is to be configured When...

Page 10: ...URL of the server computer where Breeze is installed Typically the client uses a domain name such as www mycompany com and a name server translates the IP address of the server To send information to...

Page 11: ...h Player to provide meeting services such as content display and views into the Content library Planning for bandwidth requirements There are many network factors that can affect the Breeze Meeting ex...

Page 12: ...close to 125 Kbits sec of data Each viewer requires about 128 Kbits sec to consume all the data generated Adding screen sharing requires 184 Kbits sec To have a good Breeze Meeting experience with th...

Page 13: ...ces The LDAP protocol is supported by Microsoft Active Directory along with most other user directories With the LDAP protocol Breeze acquires its user data directly from an organization s user direct...

Page 14: ...s without sending a password to the server This procedure retrieves the user s Windows credentials to validate the user s access to Breeze The IT group schedules synchronization to begin every day at...

Page 15: ...to the Breeze server that the original data was encrypted Without SSL all logins are conducted over HTTP connections After you are connected to the Breeze server all presentations and meetings are de...

Page 16: ...a single server running in the DMZ demilitarized zone or an elaborate multiserver system running with different trusted zones Network security Breeze relies on several private TCP IP services for its...

Page 17: ...contains information that applies to both securing SQL Server 2000 and the embedded database engine www microsoft com sql techinfo administration 2000 security The following link provides a good start...

Page 18: ...e Internet and the server 2 Configure a firewall After installing your firewall configure it as follows Inbound ports from the Internet 80 443 1935 Outbound ports to the mail server 25 Use the TCP IP...

Page 19: ...Breeze relies on this external security if data traffic must be encrypted Application level security Breeze has a built in ACL Access Control List based security model that lets you assign users diffe...

Page 20: ...Training Managers group manage the Meeting library including creating courses incorporating course content from Authors enrolling users sending enrollee notifications and setting up course reminders...

Page 21: ...a firewall In general customers should keep their servers patched with all current security updates approved by Microsoft and the other appropriate platform vendors Update database security Since you...

Page 22: ...is a powerful port scanning program that tells you what ports a system is listening on It is available at no cost under the GNU Public License GPL The effectiveness of any security measure is determin...

Page 23: ...ailover for HTTP requests All computers in a cluster have copies of the same contents If one computer in the cluster fails the content on another computer in the cluster can take over and supply the s...

Page 24: ...e Breeze Server to access the embedded database engine you must use Microsoft SQL Server 2000 as the database engine in a cluster Make sure the required hardware applications are operating and communi...

Page 25: ...on covers the following topics Breeze server requirements Hardware requirements Software requirements Additional software requirements for Breeze servers Breeze user requirements Content Viewers Cours...

Page 26: ...is will give you the option to use SQL or Windows authentication Breeze supports SQL authentication only SQL Server is required for configurations of multiple Breeze servers a cluster or multi process...

Page 27: ...rom the Context menu In the General tab of the Local Disk Properties dialog box the File System area should specify NTFS For updated Breeze system requirements and recommendations see www macromedia c...

Page 28: ...n Macintosh Safari 1 1 1 2 Netscape 6 2 7 1 Microsoft Internet Explorer 5 2 CompuServe 7 OS 10 1 or later Firefox 1 0 Additional requirements Macromedia Flash Player 6 0 65 or later Web camera and mic...

Page 29: ...he embedded database engine The embedded database engine that comes with Macromedia Breeze has the following limitations The licensing agreement restricts installation and use of the embedded database...

Page 30: ...30 Chapter 1 Before You Begin...

Page 31: ...e upgrade from Breeze 4 1 to Breeze 5 This is the only direct upgrade path that this version supports If you are upgrading from a version of Breeze earlier than version 4 1 you must upgrade to each su...

Page 32: ...omedia Macromedia Breeze Stop Breeze Server 2 Make a copy of the content directory within the Breeze installation path The default location is C breeze content 3 Make a copy of the config ini file wit...

Page 33: ...e OSQL utility allows you to execute commands against a database where U specifies the database user P specifies the password breeze is the default password d specifies the database name If you change...

Page 34: ...ave Breeze Meeting stop the Flash Communication Admin Service and Flash Communication Server Use the same Services window and follow the procedure outlined in step 1 3 Verify that you backed up the fo...

Page 35: ...upport on page 55 Macromedia online forums on page 55 Installation checklist Before you begin the installation process check that all the requirements listed in Before You Begin on page 9 are satisfie...

Page 36: ...ut Flash Player in this menu to download the latest Flash Player 7 version You can also download Flash Player from www macromedia com go getflashplayer You also need the Breeze License Certificate fro...

Page 37: ...all other applications before you start to install Breeze To install and configure Breeze 1 Insert the Breeze installation CD into the CD ROM drive If the Breeze installer does not start automatically...

Page 38: ...d click Next to continue The Select Destination Location screen appears 4 Click Next to accept the default installation c breeze location or click Browse to select a different location and then click...

Page 39: ...your serial number The License Certificate that comes with the installation CD contains the serial number 6 Enter the serial number and click Next to continue If the installer determines that a SQL d...

Page 40: ...ccept the default shortcut or click Browse to select a different location and then click Next The Ready to Install screen alerts you that the Breeze installation is about to begin 9 Review the choices...

Page 41: ...stall to continue The Installing screen appears The installer is extracting Breeze Server files on the installation CD and installing them This process takes approximately two minutes 11 Click Cancel...

Page 42: ...continue A message appears that the Macromedia Breeze Application Service service is starting Breeze runs as a Windows service Breeze is defined as the Macromedia Breeze Application service and the Fl...

Page 43: ...e custom ini configuration file No user interface was available to validate entries or report errors to the administrator If an error condition was encountered the administrator had to sift through th...

Page 44: ...reeze for the first time the Database Creation Confirmation screen appears If you are upgrading from Breeze 4 1 the Upgrade Confirmation screen appears If you are trying to upgrade from Breeze 4 the f...

Page 45: ...screen The administrator is asked to confirm whether to create the database or not Upgrade confirmation The Upgrade Confirmation screen asks the administrator to confirm that they want to upgrade Bree...

Page 46: ...verify that you completed the requirements in Steps 1 and 2 Click Upgrade Breeze to proceed Unsupported Version screen If you are trying to upgrade from a version of Breeze older than 4 1 the Console...

Page 47: ...from Macromedia available The certificate contains the unique serial number required for your installation Upgrade in progress screen The Console displays an upgrade in progress screen informing the a...

Page 48: ...48 Chapter 3 Installing and Upgrading Breeze Breeze Server settings The Breeze administrator defines the settings for the Breeze Server on the Breeze Server Settings screen Click Next to continue...

Page 49: ...st Mapping entry on this panel Host Mapping ADMIN_HOST none Host name and external name the fully qualified domain name of the Macromedia Breeze site Breeze supplies the values for these fields HTTP P...

Page 50: ...o use Have the Breeze License Certificate from Macromedia available The license contains a unique serial number for your installation To upload the Breeze license file 1 Verify that the serial number...

Page 51: ...wnload Completes check box The Create Administrator window appears This step is mandatory You must create an administrator for Breeze now Administrative privileges are required for configuring and mai...

Page 52: ...to Breeze Return to the Console to change the Breeze configuration View the online Getting Started Guide Application Settings Summary The Application Settings summary screen displays the settings you...

Page 53: ...option to install the embedded database engine and follow the steps in the wizard to finish installing Breeze Server 5 When the installation is complete restart the server Starting and stopping Breez...

Page 54: ...order described in Starting and stopping Breeze components on page 53 Flash Communication Server Flash Communication Admin Service and Macromedia Breeze Application Service the Breeze server 2 Select...

Page 55: ...ny Standard e mail support is included with every Breeze hosted account and all Breeze hosted customers are entitled to this support Phone support is only available for customers with Silver and Gold...

Page 56: ...56 Chapter 3 Installing and Upgrading Breeze...

Page 57: ...page 77 Configuring a Breeze Server cluster on page 84 Maintaining Breeze reliability on page 87 Deploying Breeze to your organization Before you deploy Breeze answer the following questions How shou...

Page 58: ...SL and encryption Verify that you correctly set up and configured your SSL solution following the tips in this document For details see Configuring SSL support for Breeze on page 77 Breeze server conf...

Page 59: ...e cluster hosting Breeze can access Microsoft SQL Server 2000 for the Breeze database must be installed in mixed mode This configurations allows you to use either SQL or Windows authentication Breeze...

Page 60: ...es port 1935 by default and reverts to port 443 if port 1935 is not successful Ports 443 and 1935 are not as common to firewalls and proxy servers if necessary Breeze Meeting attempts to use port 80 t...

Page 61: ...er for credentials Breeze checks the browser type of a request and only requests NTLM authentication for browsers that support NTLM NTLM authentication uses the jCIFS library A servlet or filter servl...

Page 62: ...icy with the NTLM password policy Configuring the Breeze Directory Service Integration The administrator uses the Directory Service tab of the Application Management Console to control the integration...

Page 63: ...tion LDAP Connection Authentication Method none The administrator defines the mechanism to transmit the LDAP username and password over the network None Anonymous no password Simple Transmit password...

Page 64: ...connections settings in one LDAP syntax URL ldap mycompany com 636 Username MYCOMPANY jdoe Password password123 Query timeout empty Authentication mechanism Simple Note This is an example Consult you...

Page 65: ...he Directory Service The administrator uses the User Profile Mapping screens to provide the information that Breeze uses to map the fields in its user profiles to their equivalent LDAP attributes when...

Page 66: ...ax of how to map a Breeze user profile First Name givenName Last Name sn Email userPrincipalName Login sAMAccountName External Login sAMAccountName Note This is an example Consult your local LDAP admi...

Page 67: ...le Mapping screen Click Save to add a user branch or click Delete to delete a user branch The following example shows one LDAP syntax of how to add a branch of the organization and define its users Ad...

Page 68: ...provides the information that Breeze uses to map the fields in its group profiles to their equivalent LDAP group entries when the organization s Directory Service and the Breeze directory of groups a...

Page 69: ...groups in other branches of the organization when the directories are synchronized The following table describes the fields in the Group Profile Mapping screen Click Save to retain the group profile...

Page 70: ...rectory of users and groups The administrator should schedule the synchronization at off peak hours when there is less competition for system resources Scheduling the synchronization is optional The a...

Page 71: ...on is similar to a manual synchronization but no changes are made to the Breeze directory The log file assists the administrator in diagnosing any problems that might occur during the synchronization...

Page 72: ...ividual principal processed In some cases more than one event might be produced If any warnings or errors are encountered during a manual or preview synchronization a second warning log listing the wa...

Page 73: ...arcates the following values Field Description Date Formatted date time value to the millisecond The format is yyyyMMdd T HHmmss SSS Principal ID Breeze login or group name Principal Type A single cha...

Page 74: ...id packets where principal ID is an ID that would be listed in the Principal ID column such as a user login or group name If there are no members of an ID list the parent node is output as add or rem...

Page 75: ...lable at all A synchronization cannot copy a password into Breeze from another source There are two approaches to handling user authentication in Breeze Integrate Breeze with an external authenticatio...

Page 76: ...example if the LDAP directory contains users employee IDs and you specified the employee ID LDAP attribute as the password users can log in to Breeze using their employee ID as their password After us...

Page 77: ...and password to access all applications on its internal network including Breeze For more information see Implementing single sign on on page 61 Configuring the FCS ports FCS needs to be configured t...

Page 78: ...gins to Breeze are sent over the secured protocol HTTPS With SSL all presentations and meetings are conducted over fully encrypted HTTPS or RTMPS connections The Breeze server uses port 443 for encryp...

Page 79: ...work HTTP tunneling must be enabled You can control which port on the redirect host will listen for redirected traffic Request redirection to a specific host can be Redirect enable false Host port 80...

Page 80: ...LCACertificatePath This tag specifies the directory containing CA certificates Note that each file in the directory can contain only a single CA certificate and the files must be named by the subject...

Page 81: ...FCSMaster console initialize from the command line Server xml SSLRandomSeed 16 Specifies the number of bytes of entropy to use for seeding the pseudo random number generator PRNG Entropy is a measure...

Page 82: ...CS traffic No FCS traffic is tunneled over port 80 and no external HTTP traffic goes over port 80 To modify the custom ini file for SSL 1 Edit the following variables in the custom ini configuration f...

Page 83: ...lowing example ADMIN_HOST aserver mybreeze com If your web server uses a port other than port 80 for receiving HTTP messages the port number must be added to the host name as shown in the following ex...

Page 84: ...ddress and port 1935 must be accepted and then forwarded back to the server where Breeze is installed using port 1935 443 forward to 10 1 204 36 1935 Meeting IP 10 1 204 36 1935 forward to 10 1 204 36...

Page 85: ...r the fully qualified client visible DNS name that points to the load balancer For each Breeze Server enter its fully qualified client visible DNS name the direct name 11 Repeat steps 8 though 10 for...

Page 86: ...explains how you can verify that content uploaded to one Breeze Server in a cluster is replicated to the other Breeze Server applications in the cluster and is therefore available whenever failover is...

Page 87: ...nk to the newly uploaded test content A Content Information page with a URL for viewing your test content opens 6 Make a note of the URL you will use it in step 10 7 Click the URL Your test content is...

Page 88: ...any failures including media failures user errors and permanent loss of a server The scheduled routine of backing up and restoring databases is useful for other purposes such as copying a database fro...

Page 89: ...Manager In the Tree pane of the Enterprise Manager window select the Breeze database named breeze by default Select Tools Backup Database Macromedia recommends a nightly backup of the Breeze database...

Page 90: ...in the following location Boot drive Breeze content To back up your Breeze files 1 Stop all Breeze services In Windows select Start Programs Macromedia Breeze Stop Breeze Server 2 Make a copy of the c...

Page 91: ...erver publish a presentation to Breeze save it in the Breeze Server Content library and then view it see Verifying that you can use Breeze Server on page 94 4 If you purchased Macromedia Breeze Traini...

Page 92: ...2 Click the login link The Breeze Login window appears 3 As your login name enter the value you set for the ADMIN_EMAIL variable in the Application Management Console 4 As your password enter the val...

Page 93: ...Here is a sample new user e mail message Hello John Smythe Welcome A user account has been created for you on Macromedia Breeze by Ingrid Jones ijones Macromedia Breeze is an integrated web communicat...

Page 94: ...romedia Flash presentation and then view it Before you can send a PowerPoint presentation to the Breeze server you must install Breeze Presenter on a computer on which PowerPoint is already installed...

Page 95: ...ng Name Start Time Duration Select Meeting Template Meeting Access 2 Enter the required information For the Meeting Access option select the Only Registered Users and Accepted Guests May Enter the Roo...

Page 96: ...fying that you can use Breeze Manager and send e mail notifications on page 92 and click Add and then click Next The Send Invitations page appears 4 Click Finish to send the invitations and create the...

Page 97: ...ster 24 84 configuring database settings 44 hardware requirements 25 integrating learning management systems 61 load balancer for cluster 24 multi server configuration 18 ports used 22 security 17 sin...

Page 98: ...le 50 M Macromedia online forums 55 N network security 16 22 NTFS file system required 35 O overview installation 35 post installation 57 preinstallation 9 P password changing the default 88 default f...

Page 99: ...ents 14 hardware accelerator setup 84 hosted environments 14 implementation with accelerator 82 implementation with FCS 78 planning for 14 required resources for accelerator 82 secured port number 443...

Page 100: ...100 Index...

Reviews:

No comments

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands