This chapter presents planning information for your Oracle Communications Messaging Server system and describes recommended installation guidelines that enhance security.
For more information about installing Messaging Server, see the Messaging Server Installation and Configuration Guide.
The following infrastructure components should be installed and secured prior to Messaging Server installation. You need to understand how all components in the infrastructure communicate so that you can apply appropriate security measures to every interconnect.
Directory Server: Messaging Server connects to the Oracle Directory Server Enterprise Edition, an LDAP-based directory server for user and group information and for provisioning. See the discussion on enhanced security in the Oracle Fusion Middleware Evaluation Guide for Oracle Directory Server Enterprise Edition.
Directory Server Setup Script: The comm_dssetup.pl script prepares the Directory Server for Messaging Server installation.
GlassFish Message Queue: For the list of components that can be installed by the Messaging Server installer, run the commpkg info --listPackages command. See the discussion on commpkg info usage in the Messaging Server Installation and Configuration Guide for additional information. Additionally, see the discussion on configuring and managing security services in the Oracle GlassFish Message Queue 4.4.2 Administration Guide.
Messaging Server Oracle Solaris Cluster HA Agent 7.0: High availability can be optionally installed.
DNS Server: You must ensure that Domain Name System (DNS) is running and configured properly. For details, see the Messaging Server Installation and Configuration Guide.
File System: See the discussion on recommended file systems for Message Stores in the Messaging Server Installation and Configuration Guide.
In addition to dependent products, it is equally important to secure the other components within Unified Communications Suite for secure Messaging Server deployment.
Review the following guidelines for components within the Unified Communications Suite that impact Messaging Server security:
Convergence: See the discussion about the overview of Convergence security in the Convergence Security Guide for more information.
Connector for Microsoft Outlook: See the Connector for Microsoft Outlook Security Guide for more information.
Indexing and Search Service: See the Indexing and Search Service Security Guide for more information.
Contacts Server: See the Contacts Server Security Guide for more information.
Delegated Administrator: See the Delegated Administrator Security Guide for more information.
The installation prompts for the following authentication credentials:
User Name and Group Name for Server Processes
Directory Server manager (bind DN and password)
Password for server administration
The high-level post-installation steps to configuring Messaging Server for a secure installation include:
Installing Messaging Server Provisioning Tools
Enabling SMTP Relay Blocking
Enabling Startup After a Reboot
Configuring Certificate Based Authentication
For instructions, see the discussion on the Messaging Server initial configuration in the Messaging Server Installation and Configuration Guide.
Note:
Once installation is complete, Oracle recommends encrypting and moving the initial state files and configure.ldif file, if generated.