
In today's environment, a properly secured computing infrastructure is critical. When securing the infrastructure, a balance must be struck between risk of exposure, cost of security, and value of the information protected. Each organization determines its own correct balance. To that end, we provide configuration guidance (practical advice) for securing Oracle's E-Business Suite.
The recommendations that follow cross three tiers of machines (desktop tier, application tier, and database tier) and fall into five categories:
Hardening covers hardening the file system, programs, products, and configuration.
Network covers physical topology, firewalls, and IP restrictions at the web server and database listener.
Authentication covers account management, password management, and other account-related activities.
Authorization covers restrictions to executables, data files, web pages, administrative tools, etc.
Audit covers configuration, ongoing review, and purging.
We cover security for the database and listener, the application server, Oracle E-Business Suite, and individual desktops. We follow this with advice for hardening operating systems, including a sample Linux hardening.