| Oracle® Communications Connector for Microsoft Outlook Security Guide Release 8.0.2 E55107-01 |
|
|
PDF · Mobi · ePub |
| Oracle® Communications Connector for Microsoft Outlook Security Guide Release 8.0.2 E55107-01 |
|
|
PDF · Mobi · ePub |
Security Guide
Release 8.0.2
E55107-01
August 2014
This guide provides an overview about security for Oracle Communications Connector for Microsoft Outlook. It also provides links to security topics that provide more in-depth information for configuring and administering Connector for Microsoft Outlook security.
For an overview of the features in Connector for Microsoft Outlook, see the overview in Connector for Microsoft Outlook Installation Guide. For information on general security principles, such as security methods, common security threats, and analyzing your security needs, see the discussion about designing for security on the Oracle wiki:
https://wikis.oracle.com/display/CommSuite/Designing+for+Security.
For an overview of operating system security, see Oracle Solaris Security for System Administrators. For more information on Connector for Microsoft Outlook high-level architecture, see the discussion on Connector for Microsoft Outlook system architecture in Connector for Microsoft Outlook Installation Guide.
This section outlines the planning process for a secure installation and configuration.
This section describes recommended secure installation guidelines and deployment topologies for the systems.
To better understand your security needs, ask yourself the following questions:
Which resources am I protecting?
In a Connector for Microsoft Outlook production environment, consider which of the following resources you want to protect and what level of security you must provide:
Protocols: HTTP, SMTP, WCAP, IMAP, WABP, and LDAP
Dependent Products: Directory Server, Messaging Server, Convergence Server (Address Book), and Calendar Server. Be sure to check the security policies governing these dependent products.
Calendar Server front- and back-end hosts
Messaging Server front- and back-end hosts
Dependent resources, such as Directory Server
From whom am I protecting the resources?
In general, resources must be protected from everyone on the Internet. But should the Connector for Microsoft Outlook deployment be protected from employees on the intranet in your enterprise? Should the system administrators have access to all resources? Should the system administrators be able to access all data? You might consider giving access to highly confidential data or strategic resources to only a few well trusted system administrators. On the other hand, perhaps it would be best to allow no system administrators access to the data or resources.
What will happen if the protections on strategic resources fail?
In some cases, a fault in your security scheme is easily detected and considered nothing more than an inconvenience. In other cases, a fault might cause great damage to companies or to users who use Connector for Microsoft Outlook. Understanding the security ramifications of each resource help you protect it properly.
Connector for Microsoft Outlook depends on a Calendar Server and Messaging Server deployment. For more information, see:
Developing a Messaging Server Architecture at: https://wikis.oracle.com/display/CommSuite/Developing+a+Messaging+Server+Architecture
Developing a Calendar Server Architecture at: https://wikis.oracle.com/display/CommSuite/Developing+a+Calendar+Server+Architecture
Developing a Communications Suite Logical Architecture at: https://wikis.oracle.com/display/CommSuite/Developing+a+Calendar+Server+Architecture
The general architectural recommendation is to use the well-known and generally accepted Internet-Firewall-DMZ-Firewall-Intranet architecture. For more information on addressing network infrastructure concerns, see Determining Your Communications Suite Network Infrastructure Needs at: https://wikis.oracle.com/display/CommSuite/Determining+Your+Communications+Suite+Network+Infrastructure+Needs.
Connector for Microsoft Outlook is not a server by itself, but a client that communicates with the Calendar Server and Messaging Server in the back-end. So there is no deployment involved. However, to understand Connector for Microsoft Outlook installation, see the discussion on pre-installation tasks in Connector for Microsoft Outlook Installation Guide.
As mentioned previously, Connector for Microsoft Outlook does not require installing infrastructure components, as it is a client which interacts with the Calendar Server, Messaging Server, Convergence Server (for Address Book support), and LDAP Server (for Corporate Directory support). For more information about how Connector for Microsoft Outlook communicates with Calendar Server and Messaging Server, see the Calendar Server and Messaging Server documentation. You can refer to the following:
Calendar Server 7 Index at: https://wikis.oracle.com/display/CommSuite/Calendar+Server+7+Index
Calendar Server 6.3 Index at: https://wikis.oracle.com/display/CommSuite/Calendar+Server+6.3+Index
Messaging Server Index at: https://wikis.oracle.com/display/CommSuite/Messaging+Server+Index
Installing Connector for Microsoft Outlook consists of the following high-level steps:
Preparing a comprehensive Deployment Plan
Installing the Deployment Configuration Program
Configuring end-user packages
Deploying end user packages
For more information, see the discussion on administration process overview in Connector for Microsoft Outlook Administration Guide and the discussion on installing the desktop deployment toolkit in Connector for Microsoft Outlook Installation Guide. For more information on installing Connector for Microsoft Outlook components, see the discussion on getting started in Oracle Communications Connector for Microsoft Outlook Administration Guide.
The configuration parameters for Connector for Outlook are configured by entering details in the following tabs:
Processes
User Profiles
User.psts
Servers
LDAP
Calendar
Address Book
Single User
For information about desktop installation packages for end users, see the discussion on configuring end-user packages in Connector for Microsoft Outlook Administration Guide. For more information about configuring parameters, see the deployment configuration program online help.
The following are the specific security mechanisms offered by Connector for Microsoft Outlook:
SSL support for all the protocols, such as IMAPS, HTTPS (WABP and WCAP), SMTP+SSL, and LDAPS
Option to not store/cache password
SMIME support (message signing and encryption support)
Certificate-based authentication
For more information about certificate-based authentication as part of Connector for Microsoft Outlook security, see the discussion on certificate-based authentication for Connector for Microsoft Outlook in Connector for Microsoft Outlook Administration Guide.
For information about Oracle's commitment to accessibility, visit the Oracle Accessibility Program website at http://www.oracle.com/pls/topic/lookup?ctx=acc&id=docacc.
Oracle customers have access to electronic support through My Oracle Support. For information, visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=info or visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=trs if you are hearing impaired.
Oracle Communications Connector for Microsoft Outlook Security Guide, Release 8.0.2
E55107-01
Copyright © 2014, Oracle and/or its affiliates. All rights reserved.
This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited.
The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing.
If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable:
U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted to the U.S. Government.
This software or hardware is developed for general use in a variety of information management applications. It is not developed or intended for use in any inherently dangerous applications, including applications that may create a risk of personal injury. If you use this software or hardware in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure its safe use. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software or hardware in dangerous applications.
Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.
Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group.
This software or hardware and documentation may provide access to or information on content, products, and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content, products, and services. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services.
|
 Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Legal Notices |
|
