Summary

In this chapter we outlined the basic tasks necessary for running a secure 10g AS server and application. We outlined the fundamentals of securing websites and saw that there are many things an administrator needs to do to improve security. One of the most important is applying patches and work-arounds in response to security alerts. A key security fundamental we covered was the need to use a layered defense by hardening all the components in the system. We also reviewed the fundamentals for firewalls in both the most simplistic architecture and a more advanced DMZ layout. Finally, we discussed the need to use basic common sense and always be on the lookout for poor security policies.

Next we showed how a critical administration utility, the Application Server Control utility, can be made more secure by placing it behind a firewall, changing the default port, changing the admin password, and encrypting traffic with SSL. Next, we explained SSL and showed how to set up SSL using Oracle Wallet Manager. This allows for the use of the HTTPS Protocol, which ensures secure Internet traffic. Finally, we outlined the Oracle Identity Management framework and provided an introduction to the Oracle Internet Directory.



Oracle Application Server 10g. J2EE Deployment and Administration
Oracle Application Server 10g: J2EE Deployment and Administration
ISBN: 1590592352
EAN: 2147483647
Year: 2004
Pages: 150

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net