
Secure Configuration Guide for Oracle E-Business Suite 11i (Doc ID 189367.1)

Secure Configuration Guide for Oracle E-Business Suite 11i

This document provides practical advice for secure configuration of the Oracle E-Business Suite
11i.

Secure Configuration Guide for Oracle E-Business Suite 11i. Version 3.1.0 (PDF)

The document contains the following sections:

• Overview
o Keep software up to date
o Restrict network access to critical services
o Follow the principle of least privilege
o Monitor system activity
o Keep up to date on latest security information
• Oracle TNS Listener Security
o Harden operating environment
o Add IP restrictions or enable Valid Node Checking
o Specify connection timeout
o Enable encryption of network traffic
o Potentially Enable TNS Listener password
o Enable admin restrictions
o Enable TNS Listener logging
• Oracle Database Security
o Harden operating environment
o Disable XDB
o Review database links
o Remove operating system trusted remote logon
o Implement two profiles for password management
o Change default installation passwords
o Restrict access to SQL trace files
o Remove operating system trusted remote roles
o Limit file system access within PL/SQL
o Limit dictionary access
o Revoke unnecessary grants to APPLSYSPUB
o Configure the database for auditing
o Audit database connections
o Audit database schema changes
o Audit other activities
o Audit administrators and their actions
o Review audit records
o Maintain audit records
o Secure audit records
• Oracle Application Tier Security
o Harden operating environment
o Harden Apache configuration
o Configure modplsql
o Remove unneeded DAD configurations
o Enable modplsql custom authorization
o Restrict modplsql web administration
o Restrict Web accessibility of plsql Procedures
o Configure logging
• Oracle E-Business Suite Security
o Harden operating environment
o Strike passwords from adpatch logs
o Set Workflow notification mailer SEND_ACCESS_KEY to N
o Set Tools environment variables
o Use SSL (HTTPS) between browser and web server
o Use External Webtier if exposing any part of EBS to the internet
o Use Terminal Services for client-server programs
o Change passwords for seeded application user accounts
o Tighten logon and session profile options
o Create new user accounts safely
o Create shared responsibilities instead of shared accounts
o Configure Concurrent Manager for safe authentication
o Activate Server Security
o Create DBC Files
o Review and limit Responsibilities and Permissions
o Set other security related profile options
o Restrict responsibilities by web server trust level
o Set Sign-On audit level
o Monitor system activity with OAM
o Retrieve audit records using Reports
o Retrieve audit records using SQL
o Purge audit records
o Review data tracked (no Reports available)
o Configuring audit trail
o Generate and identify audit trail objects
o Choose tables to audit
o Retrieve audit records using SQL
o Purge audit records
o References on E-Business Suite auditing
• Desktop Security
o Configure browser
o Update browser
o Turn off AutoComplete
o Set policy for unattended PC sessions
• Operating Environment Security
o Cleanup file ownership and access
o Cleanup file permissions
o Lockdown operating system libraries and programs
o Filter IP packets
o Prevent spoofing
o Eliminate telnet, FTP and R-Service Daemons
o Verify network configuration
o Monitor for attacks
o Configure accounts securely
o Limit root access
o Manage user accounts
o Secure NFS
o Secure operating system Devices
o Use Only Secure executables
o Secure file access
• Extras for Experts
o Detect and Prevent Duplicate User Sessions
o Customize Password Validation
o Encrypt Credit Cards
o Advanced Security Option/Networking Option (ASO/ANO)
o Advanced Security Option/Transparent Data Encryption (ASO/TDE)
o Practice Safe Cloning
o Hardening External Procedure (EXTPROC) Services
• Appendix A: Running Web Scanning Tools
• Appendix B: Sensitive Administrative Pages
• Appendix C: Database Schemas found in Oracle E-Business Suite
• Appendix D: Processes used by Oracle E-Business Suite
• Appendix E: Ports used by Oracle E-Business Suite
• Appendix F: Sample Linux Hardening of the Application Tier
• Appendix G: References & More Resources

Documentation Errata

In Appendix E, the default value for s_jtfuf_port, the JTF fulfilment server port, should be
listed as 9300.

Keywords

E-Business, Secure Configuration, Hardening, Best Practice, Security
