Other security options

You can further protect BDD by installing it behind a firewall and enabling TLS/SSL on Studio's outward-facing ports.

Firewalls

Oracle recommends using a firewall to protect your network and BDD cluster from external entities. A firewall limits traffic into and out of your network, creating a secure barrier around it. It can consist of a combination of software and hardware, including routers and dedicated gateway machines.

There are multiple types of firewalls, so be sure to choose one that suits your resources and needs. One option is to use a reverse proxy server as part of your firewall, which you can configure after installing BDD. For instructions, see Using Studio with a Reverse Proxy.

TLS/SSL in Studio

You can enable TLS/SSL on Studio's outward-facing ports in one or both of the following ways:

Enable encryption through WebLogic Server. You can do this by setting WLS_SECURE_MODE to TRUE in BDD's configuration file.
This method activates WebLogic's default demo keystores, which you should replace with your own certificates after deployment. For more information, see Replacing certificates.
Set up a reverse-proxy server. For instructions on how to do this, see About reverse proxies.

Be aware that these methods don't enable encryption on the inward-facing port on which the Dgraph Gateway listens for requests from Studio.