1. Testing Business Applications Guide

To make sure that information remains private, Siebel Business Applications support the use of the following encryption technologies for communications:

  • TLS encryption for Web client connections. For data security over the Internet, Siebel Business Applications support the use of the Transport Layer Security (TLS) capabilities of supported Web servers to secure transmission of data between the Web browser and the Web server. The use of TLS for Web server and Siebel Web Client communications is transparent to Siebel Business Applications. For information on configuring TLS for Web server communications with the browser, see the vendor documentation.

    Siebel Business Applications can be configured to run completely under HTTPS or simply handle login requests under HTTPS. For more information, see About the Siebel Web Client and Using HTTPS and Implementing Secure Login.

  • Encryption for Siebel component connections (TLS). Siebel administrators can enable encryption for communications between Siebel components. The Siebel communications protocol provides a security and compression mechanism for network communications based on TLS.

    By default, encryption based on TLS uses the AES algorithm with 256-bit encryption keys.

    TLS also supports certificate authentication between the Web server and the Siebel Server, or between Siebel Servers.

  • TLS encryption for connections to directory servers. TLS encryption is supported for connections to certified LDAP directories.

  • TLS encryption for connections to email servers. TLS encryption is supported for connections to email servers using Siebel Communications Server components. TLS encryption is supported for connections to Microsoft Exchange Server email servers. For information, see Siebel Email Administration Guide.

  • Encryption of communications between the Siebel Server and the Siebel database. The encryption technologies available to encrypt communications between the Siebel Server and the database depends on the encryption methods supported by your RDBMS vendor. For information on how to configure communications encryption between the Siebel Server and the Siebel database, contact your third-party RDBMS vendor.

The following image shows some of the types of communications encryption available for Siebel Business Applications environment.


Communications Encryption in the Siebel Application Environment: This image is described in the surrounding text.

The encryption mechanisms illustrated in this image are as follows:

  1. Web client and mobile client connections. TLS is used to secure transmission of data between the Web browser and the Web server in the DMZ.

    A reverse proxy should always be used for HTTP/HTTPS traffic in the DMZ. You can use any Web server to provide reverse proxy functionality and also any Siebel compatible SSO Web server plug-in on that Web server, provided the plug-in is supported by the Web server platform. Siebel Application Interface is expected to be hosted inside a firewall. You can use any Web server to configure this. For more information on reverse proxies in the DMZ, consult your web server vendor documentation.

  2. Siebel Mobile Web Client connections. You can use TLS encryption for Mobile Web Client communications with the Siebel Remote server.

  3. Email server connections. TLS encryption for connections to email servers is supported.

  4. Siebel component connections. Communications between Siebel components are based on TLS algorithms.