Professional Documents
Culture Documents
Secure Configuration Guide For Oracle E-Business Suite 11i (Doc ID 189367.1)
Secure Configuration Guide For Oracle E-Business Suite 11i (Doc ID 189367.1)
1)
This document provides practical advice for secure configuration of the Oracle E-Business Suite
11i.
Secure Configuration Guide for Oracle E-Business Suite 11i. Version 3.1.0 (PDF)
Overview
o Keep software up to date
o Restrict network access to critical services
o Follow the principle of least privilege
o Monitor system activity
o Keep up to date on latest security information
Oracle TNS Listener Security
o Harden operating environment
o Add IP restrictions or enable Valid Node Checking
o Specify connection timeout
o Enable encryption of network traffic
o Potentially Enable TNS Listener password
o Enable admin restrictions
o Enable TNS Listener logging
Oracle Database Security
o Harden operating environment
o Disable XDB
o Review database links
o Remove operating system trusted remote logon
o Implement two profiles for password management
o Change default installation passwords
o Restrict access to SQL trace files
o Remove operating system trusted remote roles
o Limit file system access within PL/SQL
o Limit dictionary access
o Revoke unnecessary grants to APPLSYSPUB
o Configure the database for auditing
o Audit database connections
o Audit database schema changes
o Audit other activities
o Audit administrators and their actions
o Review audit records
o Maintain audit records
o Secure audit records
Oracle Application Tier Security
o Harden operating environment
o Harden Apache configuration
o Configure modplsql
o Remove unneeded DAD configurations
o Enable modplsql custom authorization
o Restrict modplsql web administration
o Restrict Web accessibility of plsql Procedures
o Configure logging
Oracle E-Business Suite Security
Secure Configuration Guide for Oracle E-Business Suite 11i (Doc ID 189367.1)
Documentation Errata
In Appendix E, the default value for s_jtfuf_port, the JTF fulfilment server port, should be
listed as 9300.
Keywords