Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
442
Views
20
Helpful
4
Replies

ECE Chat Website IIS Best Practices

Muhammed Ashiq
Level 1
Level 1

‎07-03-2022 04:28 AM

Hi,

 

We are using ECE 12.0 (ES5) for chat and email.

Is there any documents available for Securing the Chat Web Servers in IIS level.

Your valuable input is highly appreciated.

Labels:
0 Helpful
4 Replies 4

Muhammed Ashiq
Level 1
Level 1

‎07-06-2022 01:59 AM

Thanks Bill.

I found below also up on searching,

 

  1. Ensuring that directory browsing is disabled may reduce the probability of disclosing sensitive content
    that is inadvertently accessible via IIS."
    To ensure that Directory Browsing is set do the following:
    %systemroot%\system32\inetsrv\appcmd set config /section:directoryBrowse /enabled:false
  2. USE ONLY STRONG ENCRYPTION PROTOCOLS:
    Set as follows:
    SSL 3.0 Enabled: We have SSL disabled as part of the POODLE patch
    SSL 2.0 Disabled
    TLS 1.0 Enabled
    TLS 1.1 Enabled
    TLS 1.2 Enabled
    PCT 1.0 Disabled
  3. DISABLE WEAK CIPHER SUITES
  4. REMOVE MICROSOFT IIS START PAGE
  5. Remove ASP.net from IIS header

 

bill.king1
VIP
VIP
In response to Muhammed Ashiq

‎07-18-2022 05:40 AM

It looks like there's now a Cisco documentation defect to address this as well.
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwc40486

Muhammed Ashiq
Level 1
Level 1
In response to bill.king1

‎07-18-2022 03:20 PM

Thanks Bill. This would be a helpful document once published.

0 Helpful
Customers Also Viewed These Support Documents