Table of Contents
This section provides an overview to planning an installation, and instructions for installing a secure system. It describes security-related deployment issues for each installed component; for example, Oracle database and WebLogic Server.
Oracle VM automatically installs into a secure state. This section explains any security implications for choices made in the installation procedure, and how to enable any high security options, such as SSL. As the installation instructions suggest, the user should avoid installing components that are not needed in a specific deployment.
Security measures applied in a default installation include:
active software firewalls (iptables) which only open standard required ports
SSL encryption for all Oracle VM Agent communications, i.e. between agents but also to and from Oracle VM Manager
If you are upgrading from an Oracle VM version older than build 3.1.1.165, some Oracle VM Agent communications that were previously unencrypted will be reconfigured automatically. From this build forward, SSL encryption is set by default for all Oracle VM Agent communications.
HTTPS access to the Oracle VM Manager GUI
User credentials and authentication managed by Oracle WebLogic Server security realms
Small footprint JeOS-like operating system: Oracle Linux without unused packages in order to mimimize attack surface