Laserfiche WebLink
Chapter 2 — Networking, Security, and Support Connectivity <br />/ NIC Cards—NIC cards should not beset to "auto; they should beset to the highest matching speed <br />applicable for the network and set to "full duplex." <br />Due to the mission critical nature of CAD, TriTech strongly recommends an isolated network. <br />While some TriTech customers have implemented their Inform CAD system as part of a broader network <br />infrastructure, most of these customers have experienced problems secondary to outages and changes that had an <br />unexpected and undesirable impact on the CAD system. <br />TriTech recommends that two (2) active directory servers/domain controllers (DC) be deployed on the Inform <br />CAD network for redundancy. Both DC's should be running on servers with RAID 1 or RAID 5 disk <br />configurations. Both DC's should be Global Catalogs, per Microsoft's "best practices" recommendation. <br />/ DNS - TriTech recommends that the CAD system have its own DNS servers for name resolution and not <br />rely upon a shared server used by the broader City network. DNS should be installed on both domain <br />controller servers. <br />/ DHCP — While TriTech does not recommend the use of dynamic IP addresses, if DHCP is utilized, each <br />DC should have its own scope. <br />3.2 SERVERNVORKSTATION PERMISSIONS <br />Windows user accounts used to log in to servers and workstations should not be the same accounts utilized for <br />the Inform Database Server or Inform Business Servers that maintain running applications if account lockouts are <br />enforced due to password retries or other user -related security. Accounts should be specific to an individual or <br />group of machines and not accessible for systems outside of the Inform CAD system. (Email, Web Sites, Other <br />agency resources). <br />The Inform CAD and Inform Systems have been developed to operate within a defined framework of network <br />security access. The following are the minimum standards. <br />3.2.1 SUPPORT AND INSTALLATION ACCOUNT <br />TriTech requires a domain account that is also a local administrator in order to install, upgrade and support the <br />overall system. This account is typically named "TriTech". This account should be separate from the account <br />used below for the Server Based Applications. <br />3.2.2 INFORM CAD DATABASE SERVER <br />TriTech requires a domain account that is also a local administrator (same as the support account) in order to <br />install, upgrade and support the Inform CAD Database Server. TriTech recommends a separate domain account. <br />If necessary, the domain account can be the same account used below for the Server Based Applications. <br />TriTech requires access to the SQL Server (TCP port 1433). The System Administrator (SA) account for <br />Microsoft SQL Server is required by TriTech for installation, support and upgrades. <br />3.2.3 INFORM CAD AND INFORM INTERFACE AND BUSINESS SERVERS <br />There are two (2) types of network accounts needed for these types of servers: <br />The contents of this material are confidential and proprietary to TriTech Software Systems, Inc. and may not be reproduced, <br />published or disclosed to others without the prior written consent of TriTech Software Systems, Inc. <br />©2015 TriTech Software Systems <br />