Skip Headers
Oracle® Health Sciences Empirica Signal Secure Configuration Guide
Release 8.0
E50112-01
  Go To Table Of Contents
Contents

Previous
Previous
 
Next
Next
 

2 Secure installation and configuration

This chapter includes the following sections:

Installing and configuring the Empirica Signal software

The Empirica Signal Installation Guide includes procedures that install the software and system components in a secure state by default. The accounts that you create during the installation also have restrictive permissions by default. Perform the following steps to secure the Empirica Signal software. Some of the steps are described in further detail in the Empirica Signal Installation Guide.

Configure WebLogic to use SSL

Before installing the Empirica Signal software, obtain an SSL certificate, install it on the application server, and configure WebLogic to use the certificate.

Use a separate port for the Empirica Signal application

Install the Empirica Signal application so that it listens on a separate port from WebLogic Console and Enterprise Manager. The installation instructions guide you through configuring the Empirica Signal application to run in its own WebLogic managed server with its own port.

Install only what is required

Install only the Empirica Signal components that you plan to use. If you do not plan to use Topics or Signal Management in your Empirica Signal deployment, you can skip the optional installation instructions. After you complete the installation, you can disable other features that you might not use, such as interactive reports, in the site options.

Execute scripts without passwords on the command line

When you are required to authenticate to your Oracle database during the Empirica Signal installation, do not provide database account passwords as arguments from the command prompt. The standard installation instructions provide examples of appropriate scripts.

Reset the Read Only attribute

The standard Empirica Signal installation requires you to make several files editable. After the installation completes, make sure that you set the files to read-only again unless explicitly instructed otherwise in the Empirica Signal Installation Guide.

Establish best practices for downloading data

The Empirica Signal application provides the option to download table data to a Microsoft Excel spreadsheet or to other file types, such as PDF, text, or SAS files. Establish best practices for downloading data to ensure the data remains secure outside the Empirica Signal application.

Route email to a secure address

In the Empirica Signal application, provide secure email addresses for the Feedback Email and Error Email site options. Consider providing email addresses that are not routed over the Internet.

Install the Empirica Signal application on a separate Managed Server

Do not install the Empirica Signal application on the WebLogic Administration Server.

Install the Empirica Signal application on its own Managed Server in the WebLogic domain. When you use a separate Managed Server for the Empirica Signal application, you access the Empirica Signal using a different port than that of the Administration Server.

Installing the Oracle database

The following steps allow you to install the Oracle database securely.

For more information and additional guidelines for securely installing and managing the Oracle database, see the Oracle® Database Security Guide, 11g Release 2:

http://docs.oracle.com/cd/E11882_01/network.112/e16543/toc.htm

Patch the database regularly and apply security updates

Periodically check the security site on Oracle Technology Network for details about security alerts for Oracle products.

http://www.oracle.com/technetwork/topics/security/alerts-086861.html

Patch the Oracle Java SE regularly and apply security updates

Periodically check the security site on Oracle Technology Network for details about security alerts on Oracle Java SE:

http://www.oracle.com/technetwork/topics/security/alerts-086861.html

Allow database passwords to expire, and change default passwords

Oracle Database is installed with several default database user accounts, such as SYS and SYSTEM. After the database installs successfully, the Database Configuration Assistant automatically locks most built-in database user accounts and marks them as expired. After the accounts expire, you should configure strong and secure passwords for them.

Installing Oracle Access Manager

For information on securely installing and configuring Oracle Access Manager, see the Oracle Identity and Access Management Security guides:

http://docs.oracle.com/cd/E21764_01/security.htm

Installing Oracle Business Intelligence Enterprise Edition (OBIEE)

For information on installing and configuring Oracle BI EE and its components securely, see the Oracle® Fusion Middleware Security Guide for Oracle Business Intelligence Enterprise Edition, 11g Release 1:

http://docs.oracle.com/cd/E23943_01/bi.1111/e10543/toc.htm