Oracle® Health Sciences Empirica Signal Secure Configuration Guide Release 8.0 E50112-01 |
|
![]() Previous |
![]() Next |
This chapter includes the following sections:
The Empirica Signal Installation Guide includes procedures that install the software and system components in a secure state by default. The accounts that you create during the installation also have restrictive permissions by default. Perform the following steps to secure the Empirica Signal software. Some of the steps are described in further detail in the Empirica Signal Installation Guide.
Before installing the Empirica Signal software, obtain an SSL certificate, install it on the application server, and configure WebLogic to use the certificate.
Install the Empirica Signal application so that it listens on a separate port from WebLogic Console and Enterprise Manager. The installation instructions guide you through configuring the Empirica Signal application to run in its own WebLogic managed server with its own port.
Install only the Empirica Signal components that you plan to use. If you do not plan to use Topics or Signal Management in your Empirica Signal deployment, you can skip the optional installation instructions. After you complete the installation, you can disable other features that you might not use, such as interactive reports, in the site options.
When you are required to authenticate to your Oracle database during the Empirica Signal installation, do not provide database account passwords as arguments from the command prompt. The standard installation instructions provide examples of appropriate scripts.
The standard Empirica Signal installation requires you to make several files editable. After the installation completes, make sure that you set the files to read-only again unless explicitly instructed otherwise in the Empirica Signal Installation Guide.
The Empirica Signal application provides the option to download table data to a Microsoft Excel spreadsheet or to other file types, such as PDF, text, or SAS files. Establish best practices for downloading data to ensure the data remains secure outside the Empirica Signal application.
In the Empirica Signal application, provide secure email addresses for the Feedback Email and Error Email site options. Consider providing email addresses that are not routed over the Internet.
Do not install the Empirica Signal application on the WebLogic Administration Server.
Install the Empirica Signal application on its own Managed Server in the WebLogic domain. When you use a separate Managed Server for the Empirica Signal application, you access the Empirica Signal using a different port than that of the Administration Server.
The following steps allow you to install the Oracle database securely.
For more information and additional guidelines for securely installing and managing the Oracle database, see the Oracle® Database Security Guide, 11g Release 2:
http://docs.oracle.com/cd/E11882_01/network.112/e16543/toc.htm
Periodically check the security site on Oracle Technology Network for details about security alerts for Oracle products.
http://www.oracle.com/technetwork/topics/security/alerts-086861.html
Periodically check the security site on Oracle Technology Network for details about security alerts on Oracle Java SE:
http://www.oracle.com/technetwork/topics/security/alerts-086861.html
Oracle Database is installed with several default database user accounts, such as SYS and SYSTEM. After the database installs successfully, the Database Configuration Assistant automatically locks most built-in database user accounts and marks them as expired. After the accounts expire, you should configure strong and secure passwords for them.
For information on securely installing and configuring Oracle Access Manager, see the Oracle Identity and Access Management Security guides:
For information on installing and configuring Oracle BI EE and its components securely, see the Oracle® Fusion Middleware Security Guide for Oracle Business Intelligence Enterprise Edition, 11g Release 1: