UK:+44 20 3287 2021
India:+91-8143111555 / +91-8790216888
Whats app: +91-8143110555

Oracle Enterprise Gateway: Security Management for SOA & Cloud

Oracle Enterprise Gateway 11g: Security Management for SOA & Cloud

Oracle Enterprise Gateway 11g, a security gateway product in the FMW product family, primarily provides the first line of defense for SOA and Cloud environments.

This course is ideal for participants who have a basic understanding of web application security vulnerabilities. It will help participants brush up on their XML and web services security knowledge. It will teach them the usage of OEG tools to configure policies and filter in order to secure, and accelerate XML as well as Web Services.

Participants will also learn how OEG is used together with Oracle Service Bus and Oracle Web Services Manager to provide an end-to-end security solution for SOA composite applications and web services in the Cloud, and how it leverages Oracle Identity and Access Management products to provide authentication and authorization.

Duration: 30hrs

Course Content:

Web Services Security Overview

  • About Web Services security challenges
  • Discussing key Web Services security concepts
  • About XML and Web Services security standards

Getting Started with Oracle Enterprise Gateway 11g

  • Describing the role Oracle Enterprise Gateway plays in a multilayered security deployment for Web Services
  • Describing the capabilities of Oracle Enterprise Gateway
  • Describing the Oracle Enterprise Gateway components
  • Become familiar with the OEG user interface
  • Configuring an Oracle Enterprise Gateway instance

Registering Web Services in OEG

  • Describing the capabilities of registered Web Services
  • Outlining the main steps of registering services in OEG
  • Applying policies to the registered services

Monitoring, Logging and Tracing

  • Monitoring traffic by using OEG monitoring tools
  • Identifying the differences between OEG logging and tracing
  • Configuring log settings
  • Setting tracing levels
  • Viewing trace information

Managing OEG Configurations

  • Describing OEG configuration structure
  • Managing a deployed configuration
  • Managing configuration versions
  • Importing and Exporting configuration data

Fault Handling

  • Changing default fault information that is passed back by OEG
  • Registering a fault handler
  • Using OEG’s trace to see why messages are blocked

Blocking XML Threats

  • Describing the different types of XML threats
  • Identifying the filters that block specific threats

Accelerating XML and Managing Traffic

  • Describing how Caching improves performance
  • Configuring Caches in OEG
  • Managing traffic

Configuring SSL

  • Describing how OEG manages Certificates and Keys
  • Describing SSL support in the Enterprise Gateway
  • Setting up SSL
  • Setting up mutual SSL

Securing XML Messages

  • Using policy to verify a Digital Signature
  • Using policy to encrypt data
  • Transforming message utilizing XSLT to remove sensitive data

Securing Web Services

  • Using the WS-Security Username Token to authenticate a user
  • Configuring security policies from WSDL files

Securing SOA Applications with OEG and OWSM

  • Describing security for SOA
  • Explaining how OSB virtualize SOA applications
  • Describing the OWSM architecture
  • Securing SOA composite applications by using OWSM security policy
  • Using OEG, OSB, and OWSM to provide end-to-end security for SOA composite applications

Integrating with Identity and Access Management

  • Describing how OEG works with Oracle Access Manager (OAM) for authentication
  • Describing how OEG leverages Oracle Entitlements Server (OES) for fine-grained authorization

Securing Services in the Cloud

  • Describing Cloud security risks
  • Describing how to secure API keys using OEG
Natural    Natural   Natural   Natural   Natural   Natural   Natural   Natural   Natural   Natural   Natural