Escolar Documentos
Profissional Documentos
Cultura Documentos
R12.2
Amit Sharma
Oracle Apps DBA Expert
CORPORATE OFFICE
8 Magnolia Place,
Harrow, London, UK
HA2 6DS
US OFFICE
6515 E Union Ave,
Unit 451, Denver
CO 80237
INDIA OFFICE
NS-24 Mianwali Nagar
Paschim Vihar
New Delhi 110087
Email : contact@k21academy.com
Phone :
+1 408 627 8021
+91 959 905 6621
1
Agenda
Business Need
Challenges
DMZ As a Solution !!!!
Features/Benefits
DMZ Architecture
www.k21academy.com
Business Needs
To expose services outside Network
Promote External Communication
Sometime it is majorly External Communications only
(Business Runs)
www.k21academy.com
Challenges
Business does not want to compromise with security
information
Business cannot expose internal domain or internal URL
information
Entry point for attackers
Application Vulnerability
www.k21academy.com
DMZ - Solution
Portions of a corporate/Office network that are between the
corporate intranet and the Internet.
Only Portion belongs to DMZ will exposed and not the internal
www.k21academy.com
www.k21academy.com
Feature / Benefits
Exposed web services can be accessed by internal and external
users
Configurable and can be very easily rolled out
Internal network and business data is secured from outside traffic
Firewalls are deployed at various levels to ensure authorised traffic
Unauthorized access to internal network from outside is prohibited
No need for VPN and Secure FTP server
www.k21academy.com
DMZ Architecture
From Oracle Point of view there are 4 options
TYPE
DETAILS
DMZ Configuration With Internal and External Application Tiers in the Intranet Sharing the
Application Tier File System
DMZ configuration with multiple Internal/External application tiers in the Intranet and DMZ
www.k21academy.com
Type 1 Architecture
Accessing Webtier with HTTPS port.
SSH Compliance
www.k21academy.com
Benefits
Simplicity
Internal users access internal
application via intranet
Restrict access to a limited set of
Oracle Appl responsibilities for
users logging in via Internet
www.k21academy.com
Limitations/Restrictions
10
Type 2
Restrict access to a limited set of Oracle Applications responsibilities for users logging in via the Internet
Mask external application tier details from external users with the use of a reverse proxy server.
No SSL connection mandatory at the reverse proxy
Option to restrict subset of URL at reverse Proxy
www.k21academy.com
11
Benefits
Limitations/Restrictions
Maintenance Overhead
www.k21academy.com
12
Type - 3
www.k21academy.com
13
Benefits
Easy Maintenance
www.k21academy.com
Limitations/Restrictions
14
Type 4
Hybrid Setup - External and Internal Filesystem
are not shared.
Failover part covered
www.k21academy.com
15
Benefits
Extra level of security
Load balancing/Failover
www.k21academy.com
Limitations/Restrictions
Ssh compliance
16
www.k21academy.com
17
18
www.k21academy.com
19
www.k21academy.com
20
www.k21academy.com
21
Meaning
Administrative
Normal
Users logging in from normal servers have access to only a limited set of responsibilities.
External
www.k21academy.com
22
www.k21academy.com
23
Update mod_wl_ohs.conf
www.k21academy.com
24
References
Oracle E-Business Suite Release 12.2 Configuration in a DMZ
(Doc ID 1375670.1)
NOTE:1367293.1 - Enabling SSL in Oracle E-Business Suite
Release 12.2
www.k21academy.com
25
Find us
https://www.facebook.com/K21Academy/
http://twitter.com/k21Academy
https://www.linkedin.com/company/k21Academy
https://www.youtube.com/user/k21technologies
www.k21academy.com
26