Network security
It is unfortunate, but computers exposed to untrusted or unrestricted networks such as the Internet are vulnerable to probes and attacks. The goal of network hardening is to reduce the risk of attacks by placing servers into network security zones that allow authorized network communication to support your business needs, and to restrict all other unauthorized network access.
Network hardening is a complex subject that is beyond the scope of this document. We recommend you work with your corporate network and security teams.
If you follow the planning steps outlined in the Security engineering
steps topic, you will have a very good understanding of the following:
- System architecture, including the list of software components
- Use case scenarios, including who your users are, what they will likely do on the system, non-functional requirements such as availability targets, and transactional volumes
- Integration architecture, including all data flows between components
- Your security threat model and security requirements
There are many approaches to deploying the Sterling Selling and Fulfillment Suite applications. We present some of the more common approaches in the Deployment scenarios overview section of this document.