Planning
Use this topic as an overview of planning task.
- Roadmap for deploying Domino® servers
  Use this as a tool when planning how to integrate HCL Domino® into your existing environment.
- Planning server-to-server connections
  Servers must connect to each other to exchange data, for example to replicate databases and exchange mail. You can create connections between servers across a local area network (LAN) or wide area network (WAN), by using a pass-through server (a server that acts as an intermediary server between a client and its destination), or over the Internet. Create a Server Connection document whenever you need to establish any new or additional server connections. You can modify this document when necessary.
- Planning directory services
  HCL Domino® provides a range of directory service features.
- Planning a mail routing topology
  HCL Domino® offers you considerable flexibility in configuring your mail system infrastructure, allowing you to use HCL Notes® routing, SMTP routing, or both, for internal and external messages.
- Planning a cluster
  When planning a cluster, it is important to consider the performance and ability of your hardware. The cluster must have enough CPU power, memory, and disk space to handle the cluster traffic and the number of databases and replicas required.
- Planning the TCP/IP network
  The default TCP/IP configuration for an HCL Domino® server is one IP address that is globally bound, meaning that the server listens for connections at the IP addresses of all NICs on the computer. Global binding works as long as the computer does not have more than one IP address offering a service over the same assigned TCP port.
- Messaging overview
  The HCL Domino® mail system has three basic components: Domino mail servers, Domino mail files, and mail clients. The Domino mail server is the backbone of an organization's messaging infrastructure, acting both as an Internet mail server and an HCL Notes® mail server. Domino provides standards-based Internet messaging through its support of the Simple Mail Transfer Protocol (SMTP), Post Office Protocol version 3 (POP3), Internet Message Access Protocol (IMAP), and Multipurpose Internet Mail Extensions (MIME). At the same time, Domino supports Notes mail through the use of Notes routing protocols -- Notes remote procedure calls (NRPC) -- and the Notes rich text message format.
- Planning your Notes® client deployment
  Use the references listed here to plan for, install, upgrade to, and configure the HCL Notes® client.
- Planning security
  An important aspect of planning security for your Domino® environment is understanding the tasks and features involved with securing each type of resource.
  - Server security
    To secure Domino® servers, you allow and prevent user and server access.
  - Application security
    Restrict access to Domino® applications to prevent unauthorized users from gaining access to information.
  - Application design element security
    An application developer can further restrict access to design elements within an application using HCL Domino® Designer.
  - Notes® and Domino® ID security
    To prevent unauthorized access to servers and applications, secure Notes® and Domino® IDs.
  - Workstation data security
    To prevent unauthorized access to user workstation information and applications, secure Notes® user computers.

Notes® and Domino® ID security

To prevent unauthorized access to servers and applications, secure Notes® and Domino® IDs.

These tasks apply only to Notes® users and Domino® servers.

Table 1. Tasks
Task	Use
Require a password for all user and server IDs.	Prevent an unauthorized user from using an illicitly obtained ID to authenticate with a server.
Enforce password quality testing for IDs.	Prevent unauthorized users from guessing passwords.
Assign multiple passwords to server and certifier IDs.	Require multiple users to enter passwords before gaining access to the ID file to prevent one person from controlling a server or certifier ID.
Compare a password with the password stored in the Domino® Directory and require users to change their passwords periodically.	Prevent an unauthorized user from using an illicitly obtained ID to authenticate with a server.
Compare a Domino® public key with the public key stored in the Domino® Directory.	Prevent an unauthorized user from using an illicitly obtained ID to authenticate with a server.
Use the ID vault	Easily recover from lost or damaged IDs and from forgotten passwords
Set up a security settings policy document.	Manage Notes® and Internet password properties, such as password synchronization and expiration settings, on an organizational level.
Lock the user ID after x minutes of inactivity.	Automatically log off servers to prevent an unauthorized user from using the workstation.
Use F5 to log off (basic Notes® configuration only).	Immediately log off servers to prevent an unauthorized user from using the workstation.
Save user IDs on a disk instead of on the workstation and keep disks in a safe place.	Physically protect user IDs.
Locate workstations in a secure area -- for example, a locked room.	Prevent unauthorized access to the ID files.
Install Smartcard readers on user workstations and have users log in to Notes® with Smartcards.	Physically protect user IDs and private Internet keys.