Physical access to iBase Designer
For maximum security, it is advisable to limit physical access to i2® iBase Designer and its capabilities. If a user cannot gain access to the tools that implement access control for the application, they cannot modify the settings and compromise security.
There are several precautions that can be taken to minimize the possibility of unauthorized access to iBase Designer.
When you install iBase, limit the number of machines on which iBase Designer is installed. For example, do not install the following unless necessary:
- Designer
- Tools (including the Database Configuration utility and the Audit Viewer)
The smaller the group that has access to iBase and the machines on which it runs, the easier it is to manage access control. Strategies that place the machines and database on a separate network without contact with other parts of the organization are inherently easier to control than general installations.
iBase is not designed to operate over a WAN. Implementation over a WAN impairs performance and also increase the exposure of the database to a wider audience through the network infrastructure.