General Security Principles

Follow fundamental principles to securely use the STA application.

Keep Software Up To Date

One of the principles of good security practice is to keep all software versions and patches up to date.

Note:

The libraries and drives that are connected to the STA application must also meet minimum firmware version levels. These firmware levels are specified in the Requirements for STA section of the Installation and Configuration Guide.

To enable the best security available, Oracle recommends keeping the OS and all application components (like WebLogic, ADF, Java, and so on) up to date with the latest security patches. Oracle periodically provides security patches for components (like WebLogic, ADF, MySQL, and Java) through the Oracle CPU (Critical Patch Update) advisories and other communications.

Because OS security patches are independent of the STA application, Oracle cannot guarantee that all patches will operate correctly with STA, especially patches released after an STA release. Determine the acceptable OS security patch level for your environment. Because of component patch and application interdependencies, Oracle cannot guarantee that all component patches will operate correctly with the STA application. Determine which component patches are needed for your environment and what effects they may have on the STA application.

Newer STA versions and STA-specific patches may also be available. Check with Oracle service on the availability of a newer version of STA or an STA-specific patch. Newer STA versions will contain more up-to-date security patches.

WARNING:

Oracle strongly recommends using only trusted sites. Validate the source of all software downloads and patches to ensure that they do not contain any security threats such as malware, viruses, worms, and so on.

Restrict Network Access

Oracle recommends that you keep the STA host server behind a data center firewall. The firewall restricts access to these systems to a known network route, which can be monitored and restricted, if necessary. As an alternative, a firewall router substitutes for multiple, independent firewalls. Identifying the hosts allowed to attach to the library and blocking all other hosts is recommended where possible. STA is not designed to be directly accessible from a public network.

Keep Up To Date on Latest Security Information

Oracle continually improves its software and documentation. For every STA release, review this document for revisions. Specific security concerns may also be addressed in the release notes.