FileMaker Server Configuration

NOTE: IS&T recommends that IS&T Managed Servers be used for hosting FileMaker databases. Only experienced server administrators should attempt to do so, particularly where databases with sensitive data and/or mission critical functions will be housed. The following web page offers MIT-specific configuration recommendations to help mitigate against security risks in the FileMaker hosting environment. In a changing computing landscape these recommendations in no way offer a guaranteed maintenance or risk-free hosting environment.

Your host machine

FileMaker Server runs on Windows or Macintosh. It is not compatible with Linux. See FileMaker's system requirements for more information.

IS&T strongly recommends that FileMaker Server run on a server operating system. We do not provide help desk support for server operating systems, but instead offer hosting services to departments lacking server management resources.

Server settings

Use the FileMaker Server Admin Console to place additional constraints specific to your particular needs and environment. Provide only as much access and availability as your needs require. You may want to limit the following:

• Number of allowable connections from FileMaker clients
• Number of files to host
• Disconnection of idle clients after a specified amount of time

Password-protect the Server Admin console to reduce the risk of unauthorized access to your system's settings. This can be set during use of the Deployment Assistant at the time of installation, or anytime afterwards on the Admin Console tab of General Settings.

Important: Enable SSL encryption between Server and client connections. You must restart FileMaker Server for this to take effect.

Refer to the security guidelines checklist for more information.

For the purposes of disaster recovery, progressive backups do not eliminate the need for a robust schedule of full backups, making the progressive backups somewhat redundant. IS&T does not recommend employing progressive backups at this time.

Maintenance

FileMaker Server activity can be monitored through Log Viewer in the Admin Console.

Configure the FileMaker Server backup scheduler for frequent backups to another (non-hosted) location on the server hard drive. These backup copies are then suitable for backup via TSM. Do notbackup live, hosted files via TSM.

If you are hosting many or large database files on a Windows server, install OS patches manually when they are released. If you subscribe to WAUS (MIT's Windows update service), you may set your configuration to download patches but not automatically install. Instead, you will see an alert advising you that patches are ready to be installed. Patch installation frequently involves a system reboot, and there may not be sufficient time for FileMaker Server to close all open database files before the service is stopped for shutdown. With the notification approach, you can manually close all database files and stop FileMaker Server so that it shuts down gracefully. Then you can apply the OS patch and reboot. For more information on the WAUS Notify configuration, see Option 2 on the WAUS subscription page.

Additional considerations

FileMaker Server hosting application:

• Runs as a Mac daemon or as a Windows service
• Has been tested for up to 250 concurrent FileMaker Pro clients, but has no theoretical limit. Connections are limited by your hardware, database design, and operating system limitations.
• Supports 125 open database files
• Multi-threaded application, supports 1, 2 or 4 CPU configurations
• Supports multi-homing (multiple network cards and multiple IP addresses) on the Server machine
• Provides external authentication support via OpenDirectory (Mac) and ActiveDirectory (Windows)