Securing Team Foundation Server

Security for Team Foundation is integrated with Windows authentication and based on users and groups. Windows authentication is used to authenticate accounts for connections between Visual Studio Team Foundation Server and clients of Team Foundation. In addition, authorization in Team Foundation Server is based on users, groups, and permissions in Team Foundation Server. You can increase the security of your deployment in several ways, which include the following tasks:

• Assigning permissions to users and groups.

• Understanding the underlying architecture of your deployment.

• Increasing the security of the network ports and traffic between clients and servers.

You can configure your deployment to use Hypertext Transfer Protocol Secure (HTTPS) with Secure Sockets Layer (SSL). With this configuration, network traffic is encrypted between Team Foundation Server and the clients that request access to its resources, which include team project portals, reports, and work items. You can configure your deployment to support HTTPS with SSL in addition to HTTP, or you can require Team Foundation Server users to use HTTPS with SSL. 

In This Section

• Team Foundation Server, Authentication, and Access
  Describes the authentication modes Team Foundation Server supports with Visual Studio 2012 installed.

• Setting up HTTPS with Secure Sockets Layer (SSL) for Team Foundation Server
  Explains the advantages and disadvantages of configuring your deployment to use HTTPS with SSL. This topic also describes how to configure Visual Studio 2012 to support or require HTTPS with SSL for web connections between the data, application, and client tiers of Team Foundation.

See Also

Concepts

Team Foundation Server Architecture

Team Foundation Server Permissions

Configuring Users, Groups, and Permissions

Other Resources

Administering Team Foundation Server

Working within Team Web Access