Network Security in the Oracle Health Insurance Environment

When deploying Oracle Health Insurance applications onto a network there are many security issues to take into consideration, especially the use of firewall and VPN technologies. A firewall will permit or deny network permissions based on configured rules, to protect the internal network from malicious actions while permitting legitimate communications.

Firewalls perform the following functions in a typical Oracle Health Insurance environment:

  • Guard the company Intranet from unauthorized outside access.

  • Separate Intranet users accessing the Oracle Health Insurance system from internal subnetworks where critical corporate information and services reside.

  • Protect from IP spoofing and routing threats.

  • Prohibit unauthorized users from accessing protected networks and control access to restricted services.

  • Throttle requests / apply rate limiting.

  • Act as Web Application Firewall protecting against malicious requests.

image

A typical Oracle Health Insurance environment usually has the following security zones:

  • Internet - External web service clients may come from outside of the company network.

  • Intranet - A company network separated by the external firewall that gives remote workers access to the Oracle Health Insurance user interface. This is also where Oracle Health Insurance web servers and / or load balancers may be placed. Alternatively, for additional protection, web and load balancing servers may be placed in a separate demilitarized zone (DMZ) where external and internal clients first interact with the Oracle Health Insurance environment.

  • The Oracle Health Insurance application server and database zone - The Oracle Health Insurance application servers, database servers and possibly authentication servers (for example, if a customer chooses to delegate authentication using LDAP servers) typically reside in this zone.

Ensure that the firewalls used to secure an Oracle Health Insurance environment support the HTTP 1.1 protocol; it enables browser cookies and inline data compression for improved performance.