Version history
|
Document version |
Release |
Comments |
|---|---|---|
| Version 23 |
2024 R2 2024 R1 2023 R3 2023 R2 |
No changes to this document |
| Version 22 | 2023 R1 |
Added hardening information for the SQL Server connection in Connection to the SQL Server databases. Updated information about the UseRemoting option in Disable legacy remoting channel. |
| Version 21 | 2022 R3 |
No changes to this document |
| Version 20 | 2022 R2 |
Added information on Disable IIS header information on the Identity Provider. Warning removed stating that the Mobile Server is not configurable when the Management Server is in a cluster from Use a "demilitarized zone" (DMZ) to provide external access. |
| Version 19 | 2022 R1 | Added information about Encryption of communication with the Event Server. |
| Version 18 | 2021 R2 | Added new section CIS Microsoft IIS 10 benchmark. |
| Version 17 | 2021 R1 |
Updated reference to Microsoft Security Update Guide to https://msrc.microsoft.com/update-guide. Added new section Configure the Content Security Policy (CSP). Updated restrictions to Mobile Server in a DMZ in Use a "demilitarized zone" (DMZ) to provide external access. |
| Version 16 | 2020 R3 | Updated new supported FIPS compliant drivers in Supported drivers. |
| Version 15 | 2020 R3 |
Added new sections FIPS 140-2 compliance and Drivers and FIPS 140-2. Added information on Disable the IIS Default Page. Updated information on Disable IIS HTTP TRACE / TRACK verbs. Port 25 for the recording server and failover recording server is deprecated. See Use firewalls to limit IP access to servers and computers. |
| Version 14 | 2020 R2 |
Added information to deny access to X-Frames in Manage IIS header information. |
| Version 13 | 2020 R2 |
Added information about encryption between the management server and the data collector (see Encryption between the management server and the Data Collector server (explained) Added information on Disable IIS HTTP TRACE / TRACK verbs. |
| Version 12 | 2020 R1 | Microsoft Internet Explorer no longer supported. Microsoft Edge is supported. See Use only supported browsers with the latest security updates. |
| Version 11 | 2019 R3 |
Port 5432 is disabled by default. See Use firewalls to limit IP access to servers and computers. Added information on Manage IIS header information. |
| Version 10 | 2019 R2 |
Added section Secure communication (explained)
Added hardening information for the SQL Server database connection in Connection to the SQL Server databases. Added hardening information for Recording Server in Harden Network Attached Storage (NAS) to store recorded media data. |
| Version 9 | 2019 R1 | Added encryption from the recording server to all clients, described here: Encryption from the management server to the recording server (explained) |
|
Version 8 |
2018 R3 |
Added design recommendations, described here: Privacy by design. Log Server uses port number 22337, described here: Use firewalls to limit IP access to servers and computers and Limit the IP access to Log Server. Mobile server no longer uses port 8000 for communication with Tray Manager. This was removed from Use firewalls to limit IP access to servers and computers. New recommendation for scanning for devices, described in Scanning for devices. |
|
Version 7 |
2018 R2 |
No changes to this document |
|
Version 6 |
2018 R1 |
Clarified the need to add specific firewall rules to the Management Server, described here: Use firewalls to limit IP access to servers and computers. |
|
Version 5 |
2018 R1 |
No changes to this document |
|
Version 4 |
2017 R3 |
No changes to this document |
|
Version 3 |
2017 R2 |
This document applies to XProtect VMS versions 2017 R2 and before. These are the changes to the document:
|
|
Version 2 |
2016 R3 |
This document applies to XProtect VMS versions 2016 R3 and before. These are the changes to the document:
|
|
Version 1 |
2016 R2 |
This document applies to XProtect VMS versions 2016 R3 and before. |