Security Guide for Siebel Business Applications > About Security for Siebel Business Applications > Siebel Security Architecture >

Secure Physical Deployment to Prevent Intrusion

Access to the physical devices that host Siebel Business Applications must be protected. If these devices are compromised, the security of all applications on the machine are at risk. Utilities that provide machine-level security, by either enforcing machine passwords or encrypting the machine hard drive, can be used and are transparent to the Siebel application.

In Siebel application deployments, the Web server resides in the demilitarized zone (DMZ). Clients outside the firewall access the Web server and the Siebel Server through a secure connection.

  • In employee application deployment, clients as well as servers often reside behind a firewall.
  • In customer or partner application deployment, or in employee application deployment where employees accessing the application are outside of the firewall, the Siebel Server is deployed behind an additional firewall.

Siebel Systems also supports reverse proxy configuration to further enhance the DMZ security. Increasingly, firewall vendors offer virtual private network (VPN) capabilities. VPNs provide a protected means of connecting to the Siebel application for users (such as employees) who require remote access.

Siebel Business Applications work with leading third-party vendors to provide additional physical security measures, such as attack prevention, data back-up, and disaster recovery. For example, HTTP load balancing protects against denial-of-service attacks by handling TCP connections and catching incoming attacks before they reach the Siebel Server. Furthermore, only one IP address and one port need to be opened on the firewall between the Web server and the Siebel Server.

Siebel Systems architecture takes advantage of high availability technologies, such as Microsoft Cluster Services, which allow multiple computers to function as one by spreading the load across multiple systems. For more information, see the Deployment Planning Guide. High availability technologies address the need for failover and catastrophic recovery management. For more information, see Siebel Installation Guide for the operating system you are using.

For more information, see Physical Deployment and Auditing.

Security Guide for Siebel Business Applications