Oracle Application in DMZ (Demilitarized Zone)

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Posted by PRajkumar on Oracle Blogs See other posts from Oracle Blogs or by PRajkumar
Published on Sun, 9 Sep 2012 10:27:58 +0000 Indexed on 2012/09/09 15:44 UTC
Read the original article Hit count: 221

Filed under:

 Business Needs

Large Organizations want to expose their Oracle Application services outside their private network (HTTP/HTTPS and SSL). Usually these exposures must exist to promote external communication. So they want to separate an external network from directly referencing an internal network

 

Business Challenges

·         Business does not want to compromise with security information

·         Business cannot expose internal domain or internal URL information

 

Business Solution

DMZ is the solution of this problem. In Oracle application we can achieve this by following way –

 

·         Oracle Application consists of fleet nodes (FND_NODES) so first decide which node have to expose to public

·         To expose the node to public use the profile “Node Trust Level”

·         Set node to Public/Private (Normal -> private, External -> public)

·         Set "Responsibility Trust Level" profile to decide whether to expose Application Responsibility to inside or outside firewall

 

 

 

 

Solution Features  

·         Exposed web services can be accessed by both internal and external users

·         Configurable and can be very easily rolled out

·         Internal network and business data is secured from outside traffic

·         Unauthorized access to internal network from outside is prohibited

·         No need for VPN and Secure FTP server

 

Benefits 

·       Large Organizations having Oracle Application can expose their web services like (HTTP/HTTPS and SSL) to the internet without compromise with security information and without exposing their internal domain

 

Possible Week Points 

·         If external firewall is compromised, then external application server is also compromised, exposing an attack on E-Business Suite database

·         There’s nothing to prevent internal users from attacking internal application server, also exposing an attack on E-Business Suite database

 

Reference Links 

·         https://blogs.oracle.com/manojmadhusoodanan/tags/dmz

© Oracle Blogs or respective owner

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Related posts about /Oracle

Categories cloud

.NET ASP.NET iphone linux python Windows mysql android sql windows-7 html c ruby-on-rails css objective-c ubuntu networking sql-server wpf asp.net-mvc ruby database Xml apache AJAX osx security regex django Performance 12.04 windows-xp mac web-development iphone-sdk vb.net Silverlight apache2 flash server perl best-practices email installation eclipse visual-studio algorithm windows-server-2008 winforms wcf firefox bash dns /Oracle