When you deploy Nexus Timestamp Server, you must consider a number of network and security issues, especially if the server is exposed externally. This article gives a list of some actions to be considered when deploying Nexus Timestamp Server.

1. If Nexus Timestamp Server is exposed externally:
   1. make sure that it resides behind a properly configured firewall.
   2. use an HTTP proxy/filter to filter invalid or suspicious HTTP traffic.
2. If you require authentication, TLS must be enabled.
3. If you use the built-in TLS functionality of Nexus Timestamp Server, replace the example TLS key.
4. If you use TLS, make sure that Nexus Timestamp Server has access to external OCSP and/or LDAP servers for certificate revocation purposes.
5. Set the log level for the default log to WARNING or INFO and make sure that there is enough disk space to hold the logs.
6. Make sure that the service configuration is correct and replace all example keys.