Table 2. New Product Features in Security Guide for Siebel eBusiness Applications, Version 7.7
|
|
Managing Encrypted Passwords in the eapps.cfg File |
Passwords stored in the eapps.cfg file are now encrypted. The encryptstring.exe utility can be used for manual encryption of such passwords. |
Firewall and Proxy Server Support |
Siebel high interactivity applications can now support reverse proxy Web server configurations. |
Role of Siebel Server Load Balancing in Networking Security |
Siebel Servers can load-balance Siebel Servers, using either Siebel load balancing or a third-party load balancer. See also the Deployment Planning Guide. |
Port Numbers |
Application Object Managers (AOMs) now use static ports. |
Configuring Secure Communications |
The SSL Configuration Utility (for SISNAPI) is now integrated with the Siebel Software Configuration Utility (for Enterprise or SWSE). It can also run as a stand-alone utility. |
Configuring Data Encryption |
The Siebel Strong Encryption Pack now includes AES data encryption at three levels: 128-bit, 192-bit, and 256-bit. Multiple upgrade scenarios are supported for higher levels of data encryption. The Key Database Manager utility now supports AES encryption. Business component field configuration now supports AES encryption through the AES Encryptor business service. The mangle algorithm has been removed from internal code references. |
Security Adapter Authentication |
Parameters for security adapters have moved from configuration files to Siebel Gateway Name Server and are configured through Siebel Server Manager. (Configuration files are still used for Mobile and Dedicated Web Client.) Security adapters and authentication manager are no longer part of AOM; security adapters are defined as enterprise profiles (named subsystems). Database authentication now uses the security adapter framework (the database security adapter is the default). Some security-related configuration parameters and system preferences from previous releases are now obsolete. |
Installing LDAP Client Software |
Deploying any LDAP security adapter now requires installation of IBM LDAP client software provided by Siebel Systems. |
Using the LDAP/ADSI Configuration Utility |
The LDAP/ADSI Configuration Utility is enhanced. |
Configuring Password Hashing |
Password hashing (for users or credentials) is now configured and performed through the security adapter. The hashpwd.exe utility replaces encrypt.exe and provides support for the RSA SHA-1 hashing algorithm. Customers can migrate passwords to RSA SHA-1 algorithm. (The prior mangle algorithm is still available for existing customers.) |
Configuring the Application User |
The application user is no longer optional when using LDAP/ADSI security adapters. |
Authentication for Mobile Web Client Synchronization |
Mobile Web Client synchronization using Synchronization Manager can now optionally use security adapter authentication. The Database authentication option for Mobile Web Client now uses the database security adapter. See also Siebel Remote and Replication Manager Administration Guide. |
Web Single Sign-On Authentication |
Microsoft Windows Integrated Authentication can now be deployed as a Web Single Sign-On (Web SSO) alternative. |
Cookies and Siebel Applications |
Configuration parameters in the eapps.cfg file for session tracking and cookie management are now modified. |
About Single- and Multiple-Organization Access Control |
Lists of Values can now be configured for multiple-organization visibility. |
Managing Tab Layouts Through Responsibilities Managing Tasks Through Responsibilities Clearing Cached Responsibilities |
Default tab layouts and tasks are now configured through responsibilities. (Tab layouts feature added in version 7.5.3.) Views can be specified to be read-only for responsibilities you associate them with. Administrators can clear cached responsibilities. Roles (Siebel application feature) are now obsolete. Capabilities for roles are now included in responsibilities. |