Tuesday, September 11, 2007

Oracle Application Server : Secure Deployment

Oracle Application Server : Secure Deployment

When we talk about Internet , the next question will be Security. Earlier applications were mostly maintained internal or in other terms Intra-net. The threat to the Intra-net system is very less and it is mostly the Intra-net users ( employees , administrators ). Present extensive increasing of internet usage has boosted more and more business applications on the internet.

Potential threat to Internet Applications are the attackers. Attackers are highly skilled and knowledged peoples where they probe into the system and cause damage. I am not going to walk through more on the attackers and how they attack.

Internet enabled applications must defend them-self from the threats by deploying well defined security mechanism , such as firewall or other measures. Oracle addresses security widely on two areas , software and hardware security.

Software Security: All Products are Security Vulnerability in some ways. Product companies tries to get rid of the vulnerability by recommending customer to get the version upgraded or by having a security patch applied on the existing environment. Oracle addresses the same with CPU. The term CPU used by Oracle means Critical Patch Update. CPU is bundles of patches released on quarterly basis to provide security fixes for Oracle Products. CPUs continue to be improved to minimize the cost and the risk of implementing a CPU.
I wanted to highlight a best practicer of CPUs , it is Oracle OnDemand. Oracle OnDemand takes up rapid and successful implementation of CPUs across all the hosted customers there by reducing the cost and downtime.

Hardware Security: Server hardware, especially production servers, are typically mounted on racks in server rooms. Server cabinets usually have lockable doors and other known advanced physical security mechanism. Servers which have applications running on the Internet are highly threat for vulnerability. Addressing Hardware Security is achieved by various deployment topology.

In the next few postings I will be discussing on some of the best practices and Oracle recommended topology which enables Oracle Application Server to become a key player on the Internet as an Internet Application with High Security.

Popular Posts