The Community is now in read-only mode to prepare for the launch of the new Flexera Community. During this time, you will be unable to register, log in, or access customer resources. Click here for more information.
We are working on an FNMS implementation and getting some push back from IT security on enabling IIS basic authentication with PCI compliance in scope.
Web Server > Security > Basic Authentication (page 88 of install guide)
Web Server > Security > Windows Authentication
Anyone have details on specific details/functionality for requirement of basic authentication and a method to possibly disable?
Thanks
Craig
‎Oct 07, 2020 02:38 PM
If your environment is sufficiently tight that Windows Authentication will be able to be used for all the FlexNet Manager Suite virtual directories that get configured and used on the application server then I think you would be able to avoid installing the Basic Authentication feature. It is typical to use Windows Authentication on virtual directories, so that isn't too unusual.
What is slightly more unusual is not actually having the Basic Authentication feature installed as per the Installation Guide (even if it isn't actually used/enabled on any virtual directories), so you may want to do an install on a test system to verify that it is going to work and look out for any challenges. It is possible that there might be something in the installation process that expects the feature to be installed.
‎Oct 07, 2020 10:35 PM