Key Points to consider regarding system security:

  • Preventing unauthorized access
  • It is highly recommended to require Multifactor Authentication for all accounts.
  • Stay current on all patches and updates for all the software on the server (Windows, .NET Framework, etc.)
  • If you have antivirus on your server, watch for any performance issues that may arise from real-time scanning.
  • SSL Certificates
    • Aeries Software recommends using an SSL certificate on all Internal and External websites.  Your certificate provider will have instructions for generating the Certificate Signing Request and installing the certificate for your server's version of IIS.
    • Force SSL to be required on all sites
    • Educate users to use “HTTPS://yourwebsite”
      • Redirect from HTTP to HTTPS by whatever method you prefer. ( {URL rewrite} or typical IIS HTTP redirect}
  • Active Directory
    • Aeries Web Version Admin Portal and/or Teacher Portal can be set up to use Active Directory via the Aeries LDAP Connection String. Ideally, this will be LDAPS perhaps on its default port of 636.

Sample Aeries Topology: