
| CHAPTER 1 – INTRODUCTION | |
| Structure of This Red Paper | |
| Related Materials | |
| CHAPTER 2 - SECURITY MODEL | |
| Required Reading | |
| Security Model – A Concept | |
| Security Threats | |
| Security: A “Defense-in-Depth” approach | |
| CHAPTER 3 - SECURING NETWORK INFRASTRUCTURE | |
| Secure Setups | |
| NAT DMZ Infrastructure | |
| Publicly Addressed DMZ Infrastructure | |
| Additional Security DMZ | |
| Firewall Application Server | |
| CHAPTER 4 - SECURING PEOPLESOFT INTERNET ARCHITECTURE | |
| How to Security Harden the Web Server | |
| WebLogic | |
| WebSphere | |
| How to Enable SSL on a Web Server for HTTPS | |
| How to Disable HTTP on a Web Server | |
| WebLogic | |
| WebSphere | |
| How to Change the Default Password of PSKEY | |
| How to Disable Configuration Re-Initialization | |
| How to Disable Browser Caching | |
| How to Configure a Forward Proxy Server for the Portal and Integration Gateway | |
| Setting a Forward Proxy Server for WebLogic | |
| Setting a Forward Proxy Server for WebSphere | |
| How to Bypass a Forward Proxy for Local Hosts | |
| How to Bypass Forward Proxy for Local Hosts for WebLogic | |
| How to Bypass Forward Proxy for Local Hosts for WebSphere | |
| How to Enable Mutual Authentication for Integration | |
| How to Enable LDAPS for Directory Integration | |
| How to Enable TUXEDO Encryption | |
| CHAPTER 5 - PEOPLETOOLS SECURITY HARDENING | |
| Delete or Disable Unused User IDs | |
| Enable Password Controls | |
| Expire Password At Next Login | |
| Allow Password to be Emailed | |
| Review Sign-in and Timeout Security | |
| Change the Access Password | |
| Change the Connect Password | |
| Change the IB Gateway Properties Password | |
| Review the Single Signon Configuration | |
| Use Strong Node Passwords or Use Certificates | |
| Review Signon PeopleCode and User Exits | |
| Limit Usage of the PeopleSoft Administrator Role | |
| Limit Access to Application Designer and Data Mover | |
| Limit Access to User Profiles, Roles, and Permission Lists | |
| Limit Ability to Start Application Server | |
| Review Query Security | |
| Enable SQL Error Message Suppression | |
| Track Users’ Login and Logout Activity | |
| Consider Auditing | |
| CHAPTER 6 - SECURING CUSTOMIZED PEOPLESOFT APPLICATIONS | |
| Configure every Component for Row-Level Security | |
| Isolate all User-Entered Data to a Bind Variable | |
| Escape All User-Entered HTML | |
| Turn Off Modifiable by HTML for Hidden Page Fields | |
| User-Entered File Names Should Not Include Paths | |
| APPENDIX A - TBD | |
| APPENDIX B - TBD | |
Latest page update: made by gregkelly, Feb 25 2009, 7:26 PM EST