Bookshelf Home | Contents | Index | Search | PDF |
Security Guide for Siebel eBusiness Applications > Physical Deployment and Auditing >
Resonate Support
Siebel Systems works with Resonate, a leading third-party supplier of security products to provide additional physical security measures. Resonate minimizes the number of ports and addresses that need to be opened on the firewall between the Web server and the Siebel Server. Resonate can be configured to use only one IP (VIP) and one port (Virtual Port) for all Siebel to Web server communications.
Single port exposure allows you to consolidate network access for better port monitoring and security. It also provides simplified firewall configuration. You only have to configure one virtual port, not many.
Additional Resonate security features include:
- Denial of Service (DoS) Attack prevention. In a DoS attack, Resonate helps handle the TCP connections. Incoming attacks can be cached at the scheduler before they ever reach the Siebel Server. Resonate Central Dispatch has a built-in mechanism to stop DoS attacks at the point of entry.
- Virtual IP addressing. Resonate's VIP shields hackers from accessing Siebel Servers directly. Because it is an IP alias, no physical addresses are ever exposed. Web servers in the DMZ communicate with the VIP only.
- TCP Handshake protection. The TCP handshake is replayed from the Resonate Scheduler to the Siebel Server rather than directly from the Web server to the Siebel Server.
- NAT firewall. Resonate allows you to install a Network Address Translation (NAT) firewall between the Siebel Server and the Web server.
For information on configuring and installing Resonate Central Dispatch on your Siebel site, see the Siebel Server Installation Guide for the operating system you are using.
Bookshelf Home | Contents | Index | Search | PDF |
Security Guide for Siebel eBusiness Applications Published: 23 June 2003 |