MACROMEDIA BREEZE-SECURITY, Manual

Security Levels

7

Breeze Web Server Security

Macromedia Breeze comes with its own built-in high-performance, secure web server. This web 
server is based in part on Macromedia JRun Enterprise Server and has been designed specifically 
to serve dynamic content for Breeze, including Breeze Live meetings, Breeze presentations, and 
other rich media content. Because of Breeze’s special requirements, no other web servers should be 
used with Breeze. This will only degrade performance for Macromedia Breeze.

More importantly, Breeze is designed for security. The built-in web server is shipped with a very 
restrictive configuration which prohibits other web-based services from running on the same 
machine. Also, because of its architecture, Breeze is not susceptible to exploits that have plagued 
other web servers such as buffer overruns, etc. This makes Breeze a very secure environment in 
which to host content.

Database Server Security 

Whether or not you are hosting your database on the same server as Breeze, you must make sure 
that your database is secure. Computers hosting a database should be in a physically secure 
location. Databases should be installed in the secure zone of your corporate intranet and never 
directly connected to the Internet. Back up all data regularly and store copies in a secure 
off-site location.

The Microsoft security web site contains information that applies to both securing SQL 
Server 2000 and the Breeze built-in database: 

www.microsoft.com/sql/techinfo/administration/

2000/security/

The following link provides a good starting point to making sure that your database is secure: 

www.microsoft.com/sql/techinfo/administration/2000/security/securingsqlserver.asp

Note that Macromedia Breeze does not support Windows Authentication Mode. Only Mixed 
Mode is supported.

In addition, if you are running the Breeze built-in database, you should note that the Breeze 
built-in database uses ‘breeze’ as the password by default. It is highly recommended that you 
change this password. To change the password, type the following at the command line:

osql -E -Q "sp_password @new='

{new_password}

',@loginame='sa'"

where {new_password} is a strong password. 

Solutions for a Secure Infrastructure

Most Breeze configurations will fall into one of two configurations:

•

A single server configuration

•

A multiple server configuration. 

This section discusses both setups and they provide examples on how to secure 
these environments.