Siebel CRM Siebel Security Hardening Guide
Siebel Innovation Pack 2015
E24815-01
Contents
List of Figures
List of Tables
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
1 What's New in This Release
What's New in Siebel Security Hardening Guide, Siebel Innovation Pack 2015
What's New in Siebel Security Hardening Guide, Siebel Innovation Pack 2014
2 Overview of Security Threats, Recommendations, and Standards
About This Guide
Security Threats and Vulnerabilities
General Security Recommendations
Patch Management
Critical Patch Updates for Siebel Business Applications
Security Standards and Programs
About the Oracle Software Security Assurance Program
About Using Transport Layer Security with Siebel CRM
3 Securing the Network and Infrastructure
About Securing the Network Infrastructure
Network Zones and Firewalls
Guidelines for Assigning Ports on Firewalls
Guidelines for Deploying Siebel Business Applications Across a Firewall
Routers
Network Address Translation
Load Balancers
Proxy Servers
Forward Proxy Servers
Reverse Proxy Servers
Virtual Private Networks
About Using Internet Protocol Security
Preventing Denial of Service Attacks
Recommended Network Topologies
Network Configuration for Medium-Scale Deployments of Siebel Business Applications
Network Configuration for Large-Scale Siebel Deployments
Network Authentication and Monitoring
Enabling Encryption of Network Traffic
Enabling Encryption Between the Web Client Browser and Web Server
Enabling Encryption Between the Web Server and Siebel Server
Enabling Encryption Between the Siebel Server and Siebel Database
Enabling Encryption for Security Adapters
About Using TLS with Siebel Enterprise Application Integration (EAI)
Securing the Siebel Web Server
Implementing a Proxy Server
Monitoring Disk Space
Removing Unnecessary Subdirectories (Windows)
Assigning Web Server File Permissions (Windows)
Encrypting Communications to the Web Server
Encrypting Passwords in the eapps.cfg File
Securing User Session IDs
Setting Security Features of the Siebel Web Server Extension
Securing the Siebel Server
Encrypting Communications to the Siebel Server
Restricting Siebel Server Access
Encrypting the jndi.properties File
Securing the Siebel Client
Deploying Siebel Open UI
Enabling ActiveX Controls for High Interactivity Clients
Encrypting Communications for Web Clients
Providing Physical Security for the Client Device
Defining a Policy for Unattended Personal Computer Sessions
Keeping Browser Software Updated
Updating Security Patches
Securing Mobile Clients
Securing Siebel Remote
Securing the Synchronization Framework
Authenticating the Mobile Web Client
Encrypting Communications
Encrypting DX Transaction Files
Using a VPN When Synchronizing Through the Internet
Encrypting Data in the Local Database and File System
Local Database
Local Siebel File System
Defining Password Management Procedures
Securing Siebel Wireless
Securing Handheld Devices Running Siebel Business Applications
Securing the Siebel Document Server
Securing Email Communications
Securing the Email Server
Encrypting Communications Between the Siebel Server and the Email Server
Deleting Processed Email Messages
Securing the Siebel Reports Environment
Guidelines for Providing Additional Security for Oracle BI Publisher
4 Securing the Operating System
About Securing Operating Systems
Protecting Files and Resources
Securing the Siebel File System
Assigning Rights to the Siebel File System
Assigning Rights to the Siebel File System on Windows
Assigning Rights to the Siebel File System on UNIX
Excluding Unsafe File Types from the Siebel File System
About Potentially Unsafe File Types
Enabling File Extension Checking
About File Extension Checking on the Siebel Mobile Web Client
Assigning Rights to the Siebel Service Owner Account
Assigning Rights to the Siebel Service Owner Account on Windows
Assigning Rights to the Siebel Service Owner Account on UNIX
Applying Patches and Updates
5 Securing the Siebel Database
Restricting Access to the Siebel Database
Reviewing Authorization Policies
Protecting Sensitive Data in the Siebel Database
Maintaining Database Backups
6 Securing Siebel Business Applications
About Securing Applications
Guidelines for Deploying Siebel Business Applications
About Disabling Siebel Components
About User Authentication
Implementing Password Management Policies
General Password Policies
Defining Rules for Password Syntax
About Configuring Password Hashing for Users
Reviewing Special User Privileges
About Implementing Authorization and Access Control
View-Level Access Control
Record-Level Access Control
Implementing Personal Visibility for the User Profile View
About Securing Application Data During Configuration
About Using Web Services
About Defending Data from HTML Injection
Displaying HTML Content
Specifying Trusted Server Names
About Using External Business Components
About Using HTTP Methods
About Message Broadcasting
About Securing Third-Party Applications
7 Implementing Auditing
Operating System Auditing
Database Auditing
Siebel Business Applications Event Logging
About Siebel Audit Trail
8 Performing Security Testing
About Performing Security Assessments
About the Common Vulnerability Scoring System
Using Masked Data for Testing
Methods of Masking Data
A Supported Security Standards
Payment Card Industry Data Security Standard
Common Criteria for Information Technology Security Evaluation
Federal Information Processing Standard (FIPS) 140
B Default Port Allocations
Port Allocations for Siebel CRM Release 8.x
Index