This chapter provides an overview of Oracle Application Management Pack for Oracle Communications security.
The following principles are fundamental to using any application securely:
Keep software up to date. This includes the latest product release and any patches that apply to it.
Limit privileges as much as possible. Users should be given only the access necessary to perform their work. User privileges should be reviewed periodically to determine relevance to current work requirements.
Monitor system activity. Establish who should access which system components, including how often, and monitor those components.
Install software securely. For example, use firewalls, secure protocols such as SSL and secure passwords.
Learn about and use the Application Management Pack for Oracle Communications security features. See "Implementing Application Management Pack for Oracle Communications Security" for more information.
Keep up to date on security information. Oracle regularly issues security-related patch updates and security alerts. You must install all security patches as soon as possible. See the "Critical Patch Updates and Security Alerts" Web site at:
http://www.oracle.com/technetwork/topics/security/alerts-086861.html
Application Management Pack for Oracle Communications consists of an Enterprise Manager Cloud Control plug-in providing management capabilities for Oracle Communications applications. The plug-in uses Enterprise Manager Cloud Control as a foundation and therefore relies on the security features implemented by Enterprise Manager Cloud Control. You must also secure the managed Oracle Communications applications.
System architecture can be referred from Oracle Enterprise Manager Cloud Control Introduction document.
Access to Application Management Pack for Oracle Communications features is controlled by means of Function points, Data based Security, and Workflow based security.
Application Management Pack for Oracle Communications is dependent on Oracle Enterprise Manager Cloud Control, Oracle WebLogic Server and Oracle Database server. Consult the respective security guides regarding secured use of these tools.
All Oracle Communications applications managed by the Application Management Pack for Oracle Communications plug-in in Enterprise Manager Cloud Control must also be secured. Consult the respective security guides regarding secured use of these applications.
When planning your implementation, consider the following:
Which resources need to be protected?
You need to protect user data, such as host credentials.
You need to protect internal data, such as proprietary source code or application configurations.
You need to protect system components from being disabled by external attacks or intentional system overloads.
Who are you protecting data from?
For example, you need to protect your pricing configuration from competitors, but someone in your organization might need to access that data to manage it. You can analyze your workflows to determine who needs access to the data; for example, it is possible that a system administrator can manage your system components without needing to access the system data.
What will happen if protections on a strategic resources fail?
In some cases, a fault in your security scheme is nothing more than an inconvenience. In other cases, a fault might cause great damage to you or your customers. Understanding the security ramifications of each resource will help you protect it properly.
Environments managed by the Application Management Pack for Oracle Communications plug-in in Enterprise Manager Cloud Control likely contain multiple different operating systems in addition to that used on the management server. Enterprise Manager Cloud Control supports many operating systems for both the management server and management agents.
See the following documents for more information on operating system security:
Oracle Enterprise Manager Cloud Control Basic Installation Guide
Oracle Linux Security Guide
Additional security documentation for operating systems used in your environment.