Over the years, security has become a core topic for business applications. As a 4D developer, you are constantly facing customers who pay close attention to the level of security in the solutions they use for running their everyday businesses.
To help you answer your customers’ security-related questions, we are pleased to announce the release of the 4D Security Guide.
This reference document describes all the built-in tools and techniques involved in creating a secured environment for your business applications: from authentication and TLS encryption, to data access system and data protection. Now it’s time for you to check it out!
Over the years, security has become a core topic for business applications. Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), both frequently referred to as “SSL”, are cryptographic protocols that provide communications security over a computer network. The TLS version that your application is using for web or client/server connections, for instance, contributes to its security level.
4D supports all TLS versions: 1.0, 1.1 and 1.2. The protocol version used is negotiated between the server and the client when establishing the connection. To increase the security level, beginning with 4D v16 R5, the default minimum supported version is TLS 1.2, older versions are rejected, as they could be unsecure.
Besides the fact that it has a larger address space, IPv6 also has many other advantages over IPv4: built-in features like support of multicast transmission, increased security with IPSec (providing confidentiality, authentication and data integrity) and the ability to display, in the 4D client connection dialog box, all the 4D Server available even if they are published on a non standard port (different than 19813).
4D introduced IPv6 support with 4D v14, however some dialogs were not perfectly arranged for the IPv6 use cases. 4D v16 R4 provides some UI improvements for a better user experience for people using IPv6 network configurations.
With the new network layer, we can implement new functions that were impossible with the legacy network layer. The first is the application sleep notification.