Overview

This article provides the documents corresponding to the configuration of each GFI product to use HTTPS.

Information

One of the key points in protecting personal data is to safeguard confidentiality and integrity using encryption.

Encryption ensures that even if attackers can gain unauthorized access to your stored data or intercept data being transmitted, they would not be able to read it.

There are two situations where encryption should be enabled:

• Data at rest. Where data resides in storage. For further information see TDE and BitLocker.
• Data in transit. As data travels on private networks and across the Internet.

Enforcing Data Encryption

This article describes how to enforce encryption for data in transit.

Transport Layer Security (TLS) is a standard protocol that provides encryption for data in transit using strong authentication and protecting both the confidentiality and integrity of data as it travels across networks.

GFI Products that use a web interface can be accessed over HTTPS to warrant better security.

Please review the articles below to enable HTTPS for your GFI product:

• GFI MailEssentials
• GFI Archiver
• GFI LanGuard
• GFI OneConnect
• GFI OneGuard
• GFI FaxMaker
• Exinda Network Orchestrator
• Kerio Connect
• Kerio Operator
• Kerio Control
• MyKerio

GFI MailEssentials

• Configure IIS to use HTTPS to access the GFI MailEssentials configuration.
• Configure IIS to use HTTPS to access the GFI MailEssentials Quarantine.

GFI Archiver

• Configure IIS to use HTTPS to access the GFI Archiver configuration.

GFI LanGuard

• Configure IIS to use HTTPS to access the GFI Languard Central Management Server.

GFI OneConnect

• Access to GFI OneConnect is done over HTTPS by default.

GFI OneGuard

• Configure IIS to use HTTPS to access the  GFI OneGuard configuration.

GFI FaxMaker

• Configure IIS to use HTTPS to access the GFI FaxMaker web interface.

Exinda Network Orchestrator

• Configure Exinda Network Orchestrator to use HTTPS to access the interface

Kerio Connect

• Configure Kerio Connect to ensure the most secure options are enabled.
• Encrypting your messages to ensure only message recipients can read it.

Kerio Operator

Access to Kerio Phone enforces SSL. This setting is controlled in the security dialog Allow only secure connections for Kerio Phone for desktop and web. Access to Kerio Operator is done over HTTPS by default.  No configuration is required by the user, for more details please review our article 'Logging into Kerio Operator Administration.'

Kerio Control

Access to Kerio Control is done over HTTPS by default. No configuration is required by the user, for more details please review the article 'Configuring the Kerio Control web interface.'

MyKerio

Access to MyKerio is done over HTTPS by default. No configuration is required by the user, for more details please review our the article 'Getting Started with MyKerio.'