In a setup in which client computers connect to the CommServe environment through a network gateway, you can protect your CommCell environment by "locking down" the client that is hosting the network gateway function. This forces the authentication of client certificates when installing new clients in your CommServe environment.
By default, the client software installer uses a certificate that is built into the installer software to authenticate its connections with the CommServe host. However, when locked down, the CommServe host only accepts and initiates HTTPS connections from clients that have valid certificates. Requiring valid client certificates provides a high level of security that cannot be hacked or compromised by connections from outside the CommCell environment.
Procedure
If you want to enforce certificate authentication at the CommServe level, or for more information on client certificates, see Network Authentication - Client Certificates.