3.2 Secure the Switch Integration Gateway
This topic explains the guidelines to secure the switch integration gateway.
The following guidelines serve to secure the Switch Integration Gateway application deployed on Oracle WebLogic Server.
Overview
Oracle FLEXCUBE Universal Banking supports communication with external channels, one of them being ATM switches. The below listed set of measures are recommended for securing the communication between the ATM switch and the Switch Integration Gateway of Oracle FLEXCUBE Universal Banking.
For more information, refer to Switch Interface Installation
Secure the link to Switch Integration Gateway
The ATM Switch communicates with the Switch Integration Gateway of FLEXCUBE Universal Banking, using the ISO 8583 protocol, over a TCP/IP channel. The following measures are recommended to secure this link
:Table 3-1 Recommended Measures
| Measure | Description |
|---|---|
| Usage of a Dedicated Channel | It is recommended to have a dedicated private link between the ATM switch and the Switch Integration Gateway of FLEXCUBE Universal Banking. |
| Usage of a Dedicated Server | It is recommended to have the Switch Integration Gateway deployed on a separate machine. Additionally, access to this machine is to be controlled by the data center practices. |
Secure the Link to the Integration Gateway
Table 3-2 Transport-level Security
| Measure | Description |
|---|---|
| Usage of a Secure Channel | The Switch Integration Gateway can be configured to communicate with the Integration Gateway, over the T3S protocol, instead of the T3 protocol. It is recommended to employ T3S due to the usage of TLS/SSL to encrypt the communication passing through the channel. Additional information on the same can be obtained from the configuration document titled Switch Interface Installation with SSL Configuration Document. |
Parent topic: Prerequisite