New features in IBM Lotus Domino 8.5

The following list represents an overview of the new features that are available in IBM Lotus Domino 8.5. For more comprehensive information about new features, please refer to the Domino 8.5 Administrator Beta Help documentation, available by choosing "Help -> Help Topics" from the Domino Administrator client, or on-line at: http://infocenters.lotus.com/help7/index.jsp.


Notes Client Administration/Support

• Notes 8.5 introduces support for file server roaming and IBM Lotus Domino server roaming, for the Notes Standard configuration client only. Server roaming is not supported with the Notes client basic configuration. If you use the Notes client basic configuration, you will roam as in previous Notes and Domino releases.
• Notes 8.5 introduces support for installation and use of the Notes Standard configuration client from a USB drive.
• Notes 8.5 introduces support for Widgets and Live Text on supported Linux and Mac OS platforms; previously this was available only on supported Windows platforms.
• Notes 8.5 supports installation and use on supported Mac OS X platforms.
• Notes 8.5 supports installation and use on supported Citrix platforms.

Databases

• The Domino Attachment and Object Service (DAOS) reduces the total cost of ownership of maintaining any participating Notes database by storing all file attachments in a separate repository on the server and retrieving them by reference. Multiple copies of the same attachment in any participating Notes database on the server are stored only once, eliminating disk space devoted to duplicate storage.

Groups

• The auto-populated groups feature uses pre-defined criteria to automatically determine and update group membership. Use the auto-populated groups feature to apply policies to users and groups based on their home servers.

Policies

• Dynamic policy assignment is a new option for assigning explicit policies that allows administrators to assign policy settings to individual users and groups simply by specifying the appropriate user or group name in a policy document. As the organization changes, only the Group document needs to be updated. For example, if a user changes jobs or organizations, you do not need to determine which policies need updating; the updated group information is applied the next time the effective policy is calculated for any users in that group.
• A new Roaming policy page has been added in support of the file server roaming and Domino server roaming user functionality introduced in this release for Lotus Notes users (Notes Standard Client configuration only). A Domino 8.5 server is required to see and use the new policy page, and the new roaming functionality.

Security

• Notes shared login allows users to start Lotus Notes and use their Notes ID, without having to provide Notes passwords. Instead, users only need to log into Microsoft Windows using their Windows password. Unlike the Notes Single Login feature in earlier releases, Domino 8.5 does not use the Windows password for the Notes ID file. Instead, it stores a secret used to unlock the Notes ID file in a secure way, provided by an external mechanism. Domino 8.5 uses a Windows mechanism, so the secret will only be accessible by users who have logged into Windows.
• A Notes ID vault is an optional, server-based database that holds protected copies of Notes user IDs. An ID vault allows administrators and users to easily manage Notes user IDs. When IDs are lost, new copies are easily recovered from the ID vault. When users forget their Notes passwords, administrators can provide help instructions that are displayed when users click the new Forgotten Password button in the Notes login window. Authorized personnel can reset (change) the passwords, without requiring access to the ID files or the vault. Or a custom self-service agent can be used to allow users to reset their own passwords. Policies are used to assign users to a vault, and copies of the user IDs are uploaded from Notes clients to the vault automatically after authentication with a server once the policy has taken effect.

Note: Because ID file synchronization work is still in progress, for beta you should use the vault only in a test environment, without production users and user IDs.

Server

• Console log mirroring causes a new server thread to be created which monitors all messages written to the Console Log file, and duplicates those messages into another file. When the new file is filled, the thread closes the mirrored file and creates a new file into which subsequent messages are written.

Server commands

• New and enhanced server commands include:
• Show Stat Mail - View new messaging statistics in the server console window when you enter this command.
• DAOS Prune - Forces objects in the Domino Attachment and Object Service (DAOS) repository that are currently awaiting deletion to be deleted immediately, overriding any specified setting for deferred deletion.
• Show Tasks - The Show Tasks server command now includes task status from additional mail router threads, and generates detail regarding router activity.
• Show Server and Show Directory - These commands now report whether the Domino Attachment and Object Service (DAOS) is enabled, and provide a list of which databases are included in DAOS, with details for each.

Web Server

• The Domino Web server can serve files compressed by gzip (GNU zip); this feature is enabled by default. You must add the compressed file to the appropriate server directory, and certain restrictions apply.

The Domino security model

The IBM^® Lotus^® Domino^® security model is based on the premise of protecting resources, such as the Lotus Domino server itself, databases, workstation data, and documents. The resources, or objects, that are being protected are set up to define the rights of users to access and change the object. Information about access rights and privileges are stored with each protected resource. Thus, a given user or server may have different sets of access rights, depending on the resources to which that user or server requires access.

The following includes brief descriptions of the various resources that you need to protect in a Lotus Domino environment. Some of the topics are not specific to Lotus Domino security, but are included here in the interest of thoroughness.

Physical security

Physically securing servers and databases is equally as important as preventing unauthorized user and server access. It is the first line of defense against unauthorized or malicious users, by preventing them from having direct access to your Lotus Domino servers. Therefore, we strongly recommend that you locate all Lotus Domino servers in a ventilated, secure area, such as a locked room. If servers are not physically secure, unauthorized users might circumvent security features -- for example, ACL settings -- and access applications directly on the server, use the operating system to copy or delete files, or physically damage the server hardware itself.

Physical network security concerns should also include disaster planning and recovery.

Operating system security

Unauthorized or malicious users often take advantage of operating system vulnerabilities. As a system administrator, you should safeguard the operating system on which your Lotus Domino server runs. For example, you should limit administrator login/rights, disable FTP (on NT), and avoid the use of mapped directory links to file servers or shared NAS server for Lotus Domino servers. Stay informed about your operating system of choice, and keep current with security updates and patches.

Network security

The goal for securing your network is to prevent unauthorized users from gaining access to servers, users, and data. Physical network security is beyond the scope of this book, but you must set it up before you set up Lotus Notes and Lotus Domino connection security. Physical network security is established through the use of devices -- such as filtering routers, firewalls, and proxy servers -- that enable network connections for various network services (such as LDAP, POP3, FTP, and STMP) that you want to provide for your users. Network connection security access is also controlled using these devices, as you can define what connections can be accessed, and who is authorized to used them.

Properly configured, these devices prevent unauthorized users from:

• Breaking through into the network and accessing the server via the operating system and its native services (such as file sharing).
• Impersonating an authorized Lotus Notes user
• Eavesdropping on the network to collect data

Server security

The Lotus Domino server is the most critical resource to secure and is the first level of security that Lotus Domino enforces after a user or server gains access to the server on the network. You can specify which users and servers have access to the server and restrict activities on the server -- for example, you can restrict who can create new replicas and use passthru connections.

You can also restrict and define administrator access, by delegating access based on the administrator duties and tasks. For example, you can enable access to operating system commands through the server console for system administrators, and grant database access to those administrators who are responsible for maintaining Lotus Domino databases.

If you set up servers for Internet/intranet access, you should set up SSL and name-and-password authentication to secure network data transmitted over the network and to authenticate servers and clients.

ID security

A Lotus Notes or Lotus Domino ID uniquely identifies a user or server. Lotus Domino uses the information contained in IDs to control the access that users and servers have to other servers and applications. One of the responsibilities of the administrator is to protect IDs and make sure that unauthorized users do not use them to gain access to the Lotus Domino environment.

Some sites may require multiple administrators to enter passwords before gaining access to a certifier or server ID file. This prevents one person from controlling an ID. In such cases, each administrator should ensure each password is secure to prevent unauthorized access to the ID file.

You can also secure Lotus Notes user IDs with Smartcards. Smartcards reduce the threat of user ID theft, as a user who has a Smartcard needs their user ID, their Smartcard, and their Smartcard PIN to access Lotus Notes.

For more information on Smartcards, see Lotus Notes Help, which is installed with Notes and also available at http://www.lotus.com/ldd/doc.

Application security

Once users and servers gain access to a Lotus Domino server, you can use the database access control list (ACL) to restrict access that specific users and servers have to individual Lotus Domino applications on the server. In addition, to provide data privacy, encrypt the database with an ID so unauthorized users cannot access a locally stored copy of the database, sign or encrypt mail messages users send and receive, and sign the database or template to protect workstations from formulas.

Application design element security

Although users may have access to an application, they may not have access to specific design elements in the application -- for example, forms, views, and folders. When designing a Lotus Domino application, an application developer can use access lists and special fields to restrict access to specific design elements.

Workstation data security

Lotus Notes users may keep and use important applications and information on their workstations. This information can be protected through the use of an execution control lists (ECL), which defines the access that active content from other users has to the user workstation.