| Siebel CRM Deploying Siebel Open UI Siebel Innovation Pack 2015 E54321_01 |
|
 Previous |
 Next |
View PDF |
| Siebel CRM Deploying Siebel Open UI Siebel Innovation Pack 2015 E54321_01 |
|
Previous |
Next |
View PDF |
This topic describes some of the characteristics of the server environment in a Siebel Open UI deployment. It includes the following information:
"Firewall and Proxy Server or Reverse Proxy Server Requirements"
"Differences Between the Siebel Open UI Client and the High Interactivity Client"
Siebel Open UI is the most secure Siebel CRM client available, with the following characteristics:
Limited attack surface. Siebel Open UI uses only three technologies to render the client code: HTML, CSS, and JavaScript. Because of the small set of underlying technologies that are used to render the client and the absence of third-party plug-ins such as ActiveX and Java, Siebel Open UI provides the smallest possible attack surface.
Transparent technology. Because the Siebel Open UI client is built entirely on standards, a variety of modern inspection tools can be used to validate the security compliance of your implementations.
Compatibility with Data Execution Prevention features and virtualization. Because the Siebel Open UI client is a scripted client, it is fully compatible with Data Execution Prevention features for software or hardware, and compatible with virtualization features. The Siebel Open UI client supports a variety of techniques for implementing secure environments.
Secure sessions and limited concurrency. The Siebel CRM server environment provides sophisticated session security for a secure user experience. To protect data integrity and system security, concurrent browser sessions are not supported for Siebel CRM applications. When this condition is detected, the application provides options for how to proceed.
FIPS-140-2. Siebel Open UI supports the FIPS-140-2 standard, with applicable configuration.
Common Criteria Certification. The Siebel CRM applications meet Common Criteria Certification, to Evaluation Assessment Level 2. For more information, see the following:
http://www.commoncriteriaportal.org/files/epfiles/st_vid3026-vr.pdf
Oracle tests JavaScript controls from third parties according to the same rigorous standards as those for testing Oracle code. Because all of the client code is standards-based and well-understood by inspection tools, thorough testing is simplified. Oracle uses industry-leading Web application security assessment solutions to validate that the Siebel Open UI client is secure. Oracle also validates security through its security-architecture teams and its internal oversight organizations and works with the ethical hacking community to put code to the practical test of security.
Oracle takes part in Open Web Application Security Project (OWASP). Developer training provided by Oracle Software Security Assurance (OSSA) is in line with the guidelines and recommendations provided by OWASP documentation. All Oracle product development teams are mandated to follow OWASP guidelines, policies, and secure coding standards.
This topic is part of "Siebel Open UI Server Deployment Characteristics".
Related Topics
"Implementation Differences Related to Browsers"
Related Books
Siebel Security Guide
Siebel Security Hardening Guide
The resource use for Siebel Open UI is similar to the resource use for the high interactivity client. The work done on the server is similar for the Siebel Open UI client as it is for the high interactivity client. Providing the same set of users with two Application Object Managers for an application, one for Siebel Open UI and one for high interactivity, does not necessarily require additional hardware resources, because users tend to use only one client at a time.
This topic is part of "Siebel Open UI Server Deployment Characteristics".
When deploying Siebel Business Applications across a firewall, make sure that the firewall supports the HTTP 1.1 protocol. Using HTTP 1.0, although it is supported, results in reduced performance. If the firewall or proxy server does not fully support HTTP 1.1, then make sure of the following:
Web server compression is disabled. Set the DoCompression parameter to False in the eapps.cfg file.
The firewall proxy is able to handle cookie wrapping or other proxy-specific features that enable cookie handling and forwarding.
Headers passed to the Siebel Web Server Extension do not contain HTTP 1.1 protocol content. You can automate this by setting the proxy server to strip out HTTP 1.1 header content.
This topic is part of "Siebel Open UI Server Deployment Characteristics".
Related Books
Siebel Security Hardening Guide
Although the Siebel Web Server Extension (SWSE) attempts to perform some amount of optimization, it is recommended that you run performance-tuning plug-ins such as YSlow, an add-on for Mozilla Firefox. YSlow verifies proper configuration tuning of the Web server. For more information about YSlow, see
https://addons.mozilla.org/en-US/firefox/addon/yslow/
For a well-configured system, YSlow generally provides a grade of 85 or higher. For more information about performance rules for Web servers, see the following site:
http://developer.yahoo.com/performance/rules.html
The following settings are required for the Web server:
Minify customization by using a tool such as YUI Compressor for your custom JavaScript and CSS.
Enable Gzip compression on the Web server.
Disable entity tags (ETags) on the Web server. Doing this generally improves performance on multi-server deployments.
Set header expiration to five days for production deployments. Do not set header expiration for development environments.
|
Note: For Microsoft IIS 7 and later, these settings are automatically set correctly in the IIS configuration when you configure the SWSE. For other supported Web servers, you must optimize the Web server manually. |
For more information about configuring the Web server and the SWSE, see the Siebel Installation Guide for the operating system you are using. For more information about performance tuning for Siebel Business Applications, see Siebel Performance Tuning Guide.
This topic is part of "Siebel Open UI Server Deployment Characteristics".
Related Books
Siebel Installation Guide for the operating system you are using
Siebel Performance Tuning Guide
Because the client-server communication is very similar for both Siebel Open UI and high interactivity, the networking characteristics are similar. In support of reduced network traffic, the Siebel Open UI client supports the following new features:
Partial refresh. This feature allows only distinct regions of the UI to be refreshed, rather than the entire screen. This feature saves network bandwidth.
Push notifications. This feature eliminates polling for Siebel Communications Server messages, such as for computer telephony integration (CTI) and other types of messages.
These features improve bandwidth requirements and in some cases reduce power consumption on mobile devices, by reducing chattiness. Siebel CRM can run on modern wired or wireless networks, and it supports use over low-bandwidth connections.
This topic is part of "Siebel Open UI Server Deployment Characteristics".
Related Books
Siebel CTI Administration Guide
The Siebel Open UI client uses interpreted JavaScript to render the client, which performs extremely well on modern browsers. Features such as partial refresh supporting greater granularity and efficient updating of UI regions, and improved asynchronous operation, improve performance characteristics in specific use cases of the client.
Siebel Open UI caches client files and static Web templates by using different implementations but similar mechanisms as the high interactivity client. It is expected that performance will be largely similar, although you are advised to test for performance in your user-acceptance testing.
In order to work on a variety of platforms, Siebel Open UI runs on code that is interpreted or JIT (just-in-time) compiled in the browser. Differences in performance depend on customization of the interface when you run cross-platform code that is inherent to Siebel Open UI.
This topic is part of "Siebel Open UI Server Deployment Characteristics".
Related Topics
A Web application can render content beyond the limits of the data displayed on the screen, effectively increasing the amount of work done to render content without any user benefit. It is recommended to build user interfaces that render only content in the visible area of the user interface. Large rendered surfaces, the interpreted nature of the application, and the ability to adjust application functionality can compound and reduce the performance and response times of the UI. It is recommended that you review the deployment with a focus on optimized content.
In light of these considerations, review the following recommendations:
Minimize the number of applets in a view. It is recommended both from a performance and usability perspective not to add more applets to a screen than the typical user can view or work with without scrolling. Scrolling interrupts work and does not work well on some mobile devices, and the content that is not displayed still must be rendered when the screen is refreshed.
Minimize the number of displayed columns in a list view. Consider limiting and setting reasonable defaults for the number of columns available for list views. For most computer desktops, no more than seven columns should be displayed by default, as a rule of thumb. Even hidden components have to be processed by the rendering engine.
This topic is part of "Siebel Open UI Server Deployment Characteristics".
Related Books
Siebel Performance Tuning Guide
Siebel Open UI tries to hide specific differences in rendering between browsers within the user interface, but some browser-specific differences exist. Customers are encouraged to identify differences in rendering and to choose browsers based on the best usability offered. Examples are provided in this topic.
This topic is part of "Siebel Open UI Server Deployment Characteristics".
Siebel Open UI is compatible with popup blocker use. Make sure that Siebel application servers and third-party iFrames are whitelisted or excluded from blocking by popup blockers.
Two basic strategies exist for managing your browser version:
Lock browsers to specific versions. Although locking your browser version mitigates the risks of introducing regressive interactions into the Siebel CRM environment, this approach introduces the risks of not patching imperfect browser code and does not help in addressing functional and security fixes in browsers.
Dynamically update browsers. It is strongly recommended to mitigate browser-related functional and security risks by allowing browsers to update dynamically. If regressive interactions occur, then Oracle and the browser vendors are committed to addressing these in a timely manner.
To validate Siebel application pages and the browser you are using against W3C standards, you can use any of several validation services, including the following:
W3C markup validation:
HTML 5 validation:
CSS validation:
Lint, JSLint and derivative programs:
Tabbed browsing is supported with Siebel Business Applications for one active session. Multiple Web pages can be opened using tabbed browsing. However, only one tab can have a live connection to a Siebel application at a given time. Using multiple browser tabs uses more resources and therefore can affect client performance.
In general, language support for Siebel Open UI is similar to language support provided in previous versions on the traditional clients. For Siebel language support, Unicode support, and legacy code page support, see 1513102.1 (Article ID) on My Oracle Support. See also Siebel Global Deployment Guide and Siebel Installation Guide for the operating system you are using.
Some technical differences between the Siebel Open UI client and the high interactivity client are described as follows. See also "Siebel Open UI Client Requirements".
This topic is part of "Siebel Open UI Server Deployment Characteristics".
Modern browsers and JavaScript-based applications perform very well in delivering functional, high-performance, and standards-based applications that do not require plug-ins or associated predeployment tasks (such as for ActiveX controls used in the high interactivity client). The Siebel Open UI client provides a flexible platform for employee, partner, and customer applications.
The Siebel Open UI client is more flexible than the high interactivity client, for which much of the functionality is hard-coded.
Siebel Open UI. In the Siebel Open UI client, all aspects of rendering can be controlled. Colors, fonts, borders, backgrounds, and the controls used for rendering can be exchanged to offer just about any user experience desired. This flexibility creates somewhat more overhead in regard to performance, when combining this attribute with improper application tuning. It is recommended to tune customized applications to take this into consideration.
High interactivity. This client is effectively a monolithic client: colors, borders, and fonts cannot easily be changed, and you cannot modify the behavior of the UI. This monolithic design enables a compact client, though it is not flexible.
In the Siebel Open UI client, more of the code is interpreted than compiled, relative to the high interactivity client.
Siebel Open UI. Siebel Open UI has a strong dependency on the performance of the browser's rendering engine. The information about browser performance provides guidance on choosing the best performing clients.
High interactivity. This client is built using ActiveX, which is essentially Win32 compiled and proprietary code. Operations in this client can be processed very efficiently.
The support for WAI-ARIA standards for accessibility for the Siebel Open UI client changes the way in which the Siebel Business Applications support accessibility requirements. For more information, see Siebel Fundamentals for Siebel Open UI.
Siebel CRM supports side-by-side use of all user interfaces in a single deployment and on a single server: Siebel Open UI, high interactivity, and standard interactivity. However, each user interface must have a configured Application Object Manager component. Separate components allow you to run Siebel Open UI in parallel to existing Siebel client instances. All applications use a unique URL.
Siebel Open UI supports the existing SRF without any change to it and supports Siebel Web template files that have been customized. With Siebel Open UI, it is recommended that you move any custom Web templates to the newly created customer files directory, as described in Configuring Siebel Open UI. See also "Migrating SRF Files and SWT Files".
Additionally, migrating to Siebel Open UI requires no changes in your existing browser scripting, as used in high interactivity.
The new JavaScript API provides a more modern means of achieving what you can also achieve using client-side browser scripting. You can write JavaScript using your own development environment and extend it by using the provided JavaScript API. For guidance on converting browser scripting to JavaScript API content, see Configuring Siebel Open UI.
When you use the new file deployment structure, Siebel Open UI allows you to obtain dynamically updated Web templates from Oracle, without the possibility of overwriting your custom file content. Using the new customer directory allows for maintenance and improvement of templates for issues related to performance, usability, and standards compliance of the standard templates, as part of Siebel Innovation Pack releases. You can lock templates, preventing them from being upgraded, by moving them to the customer directory structure. If you migrate existing Web templates for high interactivity, then you must physically move the files into the new directory structure. For guidance on this activity, see Configuring Siebel Open UI.
This topic is part of "Siebel Open UI Server Deployment Characteristics".
Related Books
Configuring Siebel Open UI
