Enterprise Vault™ Upgrade Instructions
- About this guide
- Before you begin
- Points to note when upgrading
- Installing Outlook on the Enterprise Vault server
- Improved consistency when applying a retention period to items
- Additional points to note when upgrading from Enterprise Vault 11.0 or 11.0.1
- Steps to upgrade your system
- Enterprise Vault server preparation
- Backing up the system
- Single server: upgrading the Enterprise Vault server software
- Multiple servers: upgrading the Enterprise Vault server software
- Veritas Cluster Server: upgrading the Enterprise Vault server software
- Windows Server Failover Clustering: upgrading the Enterprise Vault server software
- Upgrading standalone Administration Consoles
- Upgrading Enterprise Vault Reporting
- Upgrading MOM and SCOM
- Upgrading Exchange Server forms
- Upgrading Domino mailbox archiving
- Upgrading the FSA Agent
- Upgrading Enterprise Vault Office Mail App
- Upgrading OWA Extensions
- Upgrading SharePoint Server components
- Upgrading SMTP archiving
- Checking the SMTP journaling type configuration
- Upgrading your Enterprise Vault sites to use Enterprise Vault Search
- Setting up provisioning groups for Enterprise Vault Search
- Configuring user browsers for Enterprise Vault Search
- Setting up Enterprise Vault Search Mobile edition
- Carrying out preinstallation tasks for Enterprise Vault Search Mobile edition
- Upgrading Enterprise Vault API applications
Disabling unsafe cryptographic protocols and cipher suites
If you want to give your users Internet access to Enterprise Vault Search without exposing your proxy server to unnecessary security risks, you can disable unsafe cryptographic protocols and cipher suites on the server.
When a client device uses HTTPS to connect to Enterprise Vault Search on a proxy server, the client and server negotiate a common cryptographic protocol to help secure the channel. If the client and server have multiple protocols in common, Internet Information Services (IIS) tries to secure the channel with one of the protocols that IIS supports. However, some protocols are stronger than others; to maximize the security of your environment, you may therefore want to disable the weak protocols in favor of stronger, Veritas-approved alternatives.
You can comply with Veritas recommendations by configuring the cryptographic protocols and cipher suites on your proxy server as follows:
Enable the TLS 1.1 and 1.2 protocols.
Disable the SSL 2.0 and 3.0 protocols.
Disable the RC2, RC4, and DES cipher suites.