Critical E-Business Suite Release 11i Security Documentation (Oracle E-Business Suite Technology)

Critical E-Business Suite Release 11i Security Documentation

By Steven Chan on April 19, 2006 12:17 PM

While I'm stepping (very gingerly) through the security minefield, I might as well dust this one off, too:

A number of customers have recently reported security issues which may have been avoided if they had followed Oracle's published recommendations on securing E-Business Suite Release 11i environments. All E-Business Suite Release 11i system administrators and security professionals should have the following crucial documents committed to memory:

Best Practices for Securing Oracle E-Business Suite (Metalink Note 189367.1)
E-Business Suite Recommended Set Up for Client/Server Products (Metalink Note 277535.1)

Even if you've read earlier versions of these documents, I'd strongly recommend taking another look at the latest versions.

Tags:

Filed under: EBS Release 11i , Security • Comments (3) • Share

Comments (3)

Yury Velikanov:

Just wonder if you going to implement the recommendations reflected in the highlighted documents using autoconfig/templates methodology?
So far it looks to me that those recommendations implementation require a lot of customisations.
If to implement those recommendations through supported autoconfig customization way we would end up with hard to support environment. In the other hand if you will implement those in templates/autoconfig you would make OEBS more secure automatically.

Just my 0.02£,
Yury

Posted by Yury Velikanov | May 7, 2006 7:52 PM

Posted on May 7, 2006 19:52

Steven Chan:

That's an interesting suggestion, Yury. I'm going to have to circulate this internally amongst our security architects. I'll post an update once this reemerges from the process.

Regards,
Steven

Posted by Steven Chan | May 8, 2006 9:59 AM

Posted on May 8, 2006 09:59

Steven Chan:

A quick update on this: Our AutoConfig and Security teams have confirmed that best-practices security recommendations that apply uniformly to all E-Business Suite customers are already implemented automatically by AutoConfig. This is one of the reasons we encourage everyone to keep up-to-date with the latest AutoConfig template updates like the recently-released AutoConfig Template Rollup Patch M.There are a number of other security recommendations from the Best Practices guide that we're planning to implement automatically in AutoConfig; these might take more time to automate given their potential sensitivity to current environment configurations and customer requirements. I'll be sure to announce these in this blog as they become automated.Regards,Steven

Posted by Steven Chan | May 26, 2006 12:58 PM

Posted on May 26, 2006 12:58

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

Name:

Email Address:

URL:

Remember personal info?

Comments:

Oracle E-Business Suite Technology

The latest news directly from E-Business Suite Development