This appendix provides guidelines to help you secure Oracle Communications Mobile Synchronization Gateway and its components.
The following security checklist provides guidelines to help you secure Mobile Synchronization Gateway and its components.
Install only the components you require.
Lock and expire default user accounts.
Use a strong LDAP password policy for user authentication.
Restrict, control, and revisit user privileges:
Grant only the necessary privileges to each user.
Revoke unnecessary privileges from the PUBLIC user group.
Restrict permissions on run-time facilities.
Enforce access controls effectively and authenticate clients stringently.
Restrict network access by doing the following:
Use firewalls.
Never leave an unnecessary hole in a firewall.
Password-protect the Oracle listener against remote access.
Monitor listener activity.
Monitor who accesses your systems.
Restrict system access by IP addresses.
Encrypt network traffic.
Apply all security patches and workarounds.
Encrypt sensitive information.