As installed, enterprise server regions and other components do not use the External Security Facility (ESF). They should be configured to use ESF and a suitable External Security Manager (or managers). The MFDS Internal Security manager, which MFDS uses by default, is deprecated and should not be used in production. Similarly, the CAS Sign-on Table (SNT) security manager has limited features and is not recommended for production use. Most of the topics in this chapter assume ESF is being used. See Using and hardening ESF for more information.