FOXMAN-UN Client-Server Setup in a Secure Network - Application Note
Preface and Introduction
This FOXMAN-UN Application Note covers the installation of the FOXMAN-UN Core and Client in a secure Network to mitigate the following vulnerability:
Communication between the client application (FOXMAN-UN User Interface) and the server application (FOXMAN-UN Core) is partially using CORBA (Common Object Request Broker Architecture) over TCP/IP for the application using UCST for FOX515 management. This protocol is not encrypted and allows to trace internal messages. An unfriendly user may read access tokens or weak encrypted passwords.
The mitigation described in this Application Note is applicable for the NEM Release R16B when using FOX515 and UCST.