- February 13, 2018
- Posted by: admin
- Categories: Blog, SaaS
In today’s business and technology environment, major challenges for IT going forward is what will happen when organizations run thousands of software-as-a-service (SaaS) applications and most of them will be beyond the IT department’s control but they have to integrate with on-premise ERP in a secure manner. Enterprise integration security has become mandatory across applications and infrastructure, by implementing specific privacy and security safeguards to minimize the vulnerability of enterprise systems to external attacks, unauthorized disclosure of sensitive data, or unauthorized access to administrative interfaces.
In this article, we will discuss the Integration security and the process to Integrate Oracle products like Integration Cloud, JD Edwards 9.2 and Oracle SaaS Apps.
Solution Scope:
To give you the brief overview of secure enterprise integration solution, we utilized the following products.
- Oracle Integration Cloud (ICS)
- Oracle JDE Adapter
- Oracle SOAP Adapter for Custom SOAP Service
- Oracle JD Edwards EnterpriseOne 9.2 (On-Premise)
- F5 BIG-IP Firewall (On-Premise)
Oracle Integration Cloud (ICS)
Oracle Integration Cloud Service (ICS) delivers best in class “Hybrid” Integration. ICS is a simple and powerful integration platform in the cloud to maximize the value of your investments in SaaS and on-premises applications. ICS also offering pre-built adapters for various SaaS, On-premises, and Social endpoints. Moreover, it also contains the generic SOAP and REST adapters that can be used to connect to a large number of applications in the cloud.
Oracle JD Edwards EnterpriseOne 9.2 (On-Premise)
JD Edwards continues to be widely accepted in the industry. Though organizations of all sizes can adopt Oracle JD Edwards, it has gained significant acceptance among mid-size enterprises. JD Edward is uniquely tailored to meet the specific needs of the various industries and is one of the market-leading ERP solutions that helps you operate your business more efficiently and profitably.
F5 BigIP Firewall (On-Premise)
The F5 Web Application Firewall solution is delivered by F5’s industry-leading BIG-IP Application Security Manager (ASM) providing advanced firewall capabilities by securing applications from layer 7 DDoS attacks, malicious bot traffic, common application vulnerabilities and all OWASP top 10 security risks. It also enables compliance with industry security standards, PCI-DSS, ISO-27001, HIPPA, SOX, NIST etc.
Solution Architecture Overview:
Growing organizations requirements becoming more complex, which require integrating multiple products in a secure and scalable manner. In this solution, we integrate 3rd party online soap services with on-premise JD Edwards EnterpriseOne 9.2 using Oracle Integration Cloud (PaaS).
We secured the integration by applying SSL encrypting on payload, which prevents it from data stealing and various injections. Moreover, F5 BIG-IP firewall used to enhance the security of integration through whitelisting, authentication, authorization, and scalability.
Challenges:
Enterprise organizations have robust security policies especially for on-premise systems like JD Edwards, EBS etc. The key concerns for network security team to expose internal systems to outside world in a stable and secure manner.
Some Key challenges that we faced are listed below:
- Adjustment of F5 BIG-IP Firewall in Enterprise Network
- Custom Header mapping while integrating SOAP and JDE Adapter
- Extra Layer of Security for Authentication and Authorization
Key Benefits:
Integration between On-Premise and Cloud systems using Oracle Integration Cloud
- Securing data transport using end to end SSL encryption
- F5 BIG-IP firewall authorization and authentication enhances the security to even higher level.
- Grant Access to Whitelist IP’s on F5 firewall prevent DDoS attacks.
- Integration scalability permit to add new systems whenever needed.
Integration Endpoints:
In an age of digital business, companies run their operations on multiple systems and to get the maximum value from these technology investments, seamless integrations are vital.
As an example, Oracle Internet of Things (IoT) Cloud Service now offers SaaS-style, built-in IoT applications that are included with the service and immediately runnable. The Asset Monitoring application is the first in the series of built-in IoT applications. It enables users working with both fixed and movable assets to perform tasks such as rapidly locating available assets for a job, assessing the health of their assets, and reviewing asset specifications while in the field or office.
Here is a quick background of component which helps customers to identify their integration needs.
JD Edwards Application Interface Services (AIS) – REST Based API used for chatty applications such as mobile applications, social applications. It also provides the basis for Orchestrator.
JD Edwards Business Services (BSSV) – SOAP-Based API helps JDE to integrate with 3rd party on-premise or cloud-based applications including CRM’s, E-Commerce, and HCM Cloud
IoT Orchestrator – The internet of things orchestrator allows business users to collect and filter raw data collected from sensors or devices and feed that data into EnterpriseOne. IoT Orchestrator allows you to define and design an orchestration using a graphical user interface
Oracle IoT Cloud – The internet of things allows business users to collect and filter raw data collected from sensors or devices and feed into IoT Cloud using RESET based API.
Oracle SaaS Cloud Applications – Sales, Service and Field Service Cloud apps are coming with REST Based API services, which can be utilized to integrate with multiple systems.