This appendix provides information about the steps that you can take to secure your Oracle Traffic Director deployment.
For information about securing access to the Oracle Traffic Director administration server and enabling SSL/TLS, see Chapter 10, "Managing Security."
The following are some of the steps that you can perform to secure Oracle Traffic Director in your environment:
Ensure Oracle Traffic Director server instance is running as non-root
and not listening on all interfaces. For information about starting Oracle Traffic Director instances, see Section 4.3, "Starting, Stopping, and Restarting Oracle Traffic Director Instances."
Note:
For each Oracle Traffic Director configuration that you instantiate on an administration node, a subdirectory namednet-
config_name
is created in the INSTANCE_HOME
subdirectory.Leverage the ability of Oracle Traffic Director to provide high availability as non-root
. For more information, see Chapter 14, "Configuring Oracle Traffic Director for High Availability."
Ensure that sufficient file descriptors are available. For more information, see Section 15.2, "Tuning the File Descriptor Limit."Chapter 15, "Tuning the File Descriptor Limit."
Ensure that appropriate network level protections are taken care. For more information, see http://www./technetwork/articles/servers-storage-admin/secure-linux-env-1841089.html.
In addition, you should consider hardening your system. For information about hardening an Oracle Linux system, see http://www./technetwork/articles/servers-storage-admin/tips-harden-oracle-linux-1695888.html
.