| Bookshelf Home | Contents | Index | Search | PDF | |
Security Guide for Siebel eBusiness Applications > About Security Resources for Siebel Applications > Siebel Security Architecture >
Secure Physical Deployment to Prevent Intrusion
Access to the physical devices that host Siebel applications must also be protected. If these devices are compromised, the security of all applications on the machine are at risk. Utilities that provide machine-level security, by either enforcing machine passwords or encrypting the machine hard drive, can be used and are transparent to the Siebel application.
In employee application deployment, clients as well as servers are often sitting behind a firewall. In customer or partner application deployment, or in employee application deployment where employees accessing the application are sitting outside of the firewall, the Siebel Server is deployed behind a firewall and resides in a demilitarized zone (DMZ).
A Web server sits in the DMZ, with clients outside the firewall accessing the Web server and the Siebel Server through a secure connection. Siebel Systems also supports reverse proxy configuration to further enhance the DMZ security. Increasingly, firewall vendors are offering virtual private network (VPN) capabilities. VPNs provide a protected means of connecting to the Siebel application for workers who require remote access.
Siebel works with leading third-party security providers to provide additional physical security measures, such as attack prevention, data back-up, and disaster recovery. For example, Resonate protects against denial of service attacks by handling the TCP connections and catching incoming attacks before they ever reach the Siebel Server. Furthermore, with Resonate, only one IP address and one port need to be opened on the firewall between the Web server and the Siebel Server.
Additionally, Siebel Systems architecture takes advantage of technologies, such as Microsoft Cluster Services, that allow multiple computers to function as one by spreading the load across multiple systems. Cluster Services addresses the need for failover and catastrophic recovery management.
| Bookshelf Home | Contents | Index | Search | PDF | |
Security Guide for Siebel eBusiness Applications Published: 23 June 2003 |