Identity Finder Information and Discussion

Best practices and other information. Please add to and modify this list as appropriate

Server configuration

SQL Server hardware configurations for Identity Finder 4's Console Server
Communication with clients
- All communication between the clients and the service is encrypted regardless of whether https is used. ID Finder tech support says: "For the /Console access HTTPS is fine, however there could potentially be issues with the /Services application (/Services is what the client uses to send data to the console). The issue is that if the HTTPS certificates are not fully trusted on the client, then it will not allow communication with the server. HTTPS is not necessary on the /Services application because the Identity Finder Client will encrypt all data with AES encryption before sending it to the server. Our recommended configuration is to have HTTPS enabled for /Console but not for /Services. If you are unable to use this type of configuration let us know and we can try and help you get HTTPS working for /Services."
- If server is unavailable, clients store report information until server can be contacted
- Clients update their policy settings from the server every 5 minutes (300 seconds) by default. This can be changed via the policy/registry setting Console\pollingInterval). The server never inititates a connection to the client - the client always initiates, which makes client firewall management much easier.

Client configuration

Issues and concerns

Clients cannot scrub Office docs older than version 2007
Clients cannot scrub PDF docs
Does not scan Filemaker files reliably (especially post FM V.6)
Crashing with the Mac client
Deleting emails inside Eudora and T-Bird mailboxes from the client is highly problematic
Doing a clean uninstall produces multiple systems in the Console, with an IDF-generated GUID appended
Console does not seem to sync with AD (it will do an initial sync, but doing it on a schedule does not appear to work
Console is unbelievably slow