EnterpriseOne Windows Firewall

Securing Oracle JD Edwards EnterpriseOne with Windows Firewall

EnterpriseOne Windows Firewall

On one of the Oracle JD Edwards EnterpriseOne installations that I manage, we have a few Windows 2003 Servers. Yeah, I know, it’s no longer supported but the Tools Release is 8.98.4.7 and there are a couple third-party applications that are not able to be upgraded. It’s crazy how messy, real-life situations cannot be duplicated in the squeaky-clean confines of the Oracle lab.

Since Windows 2003 Server is no longer supported by Microsoft, our IT Security Team has tried locking down these servers using several different methods. One of them has been to try and implement a software firewall on the server itself. Unfortunately, any third-party solution that we tried had such a negative impact on the performance of EnterpriseOne that we had to remove it. So, they asked that we turn on the Windows Firewall. While not as robust as they would have liked, it would provide another layer of security.

The good thing about the Windows Firewall, other than how simple it is, is that it shuts down all communication and only allows what you specify. That means, for EnterpriseOne to function, you need to make sure that all the applications and ports are allowed through the firewall. There were a few different documents that I used to come up with the correct recipe for successfully securing Oracle JD Edwards EnterpriseOne with Windows Firewall:

The easiest way to access the Windows Firewall settings is to go to [Start] -> Run -> firewall.cpl. I created a shortcut to firewall.cpl on the desktop to make it easier.

The following is a breakdown of what I came up with but since everyone’s configuration is different (CNC = Configurable Network Computing) your mileage may vary.

  • Made the following change to the jde.ini of the affected Windows Server:
    enablePredefinedPorts=1
  • Specified the following applications
    • E:\JDE_HOME\jdk\jre\bin\java.exe – Used by the JDE Server Manager
    • E:\JDEdwards\E900\DDP\system\bin32\jdenet_k.exe – Part of JDE Services
    • E:\JDEdwards\E900\DDP\system\bin32\jdenet_n.exe – Part of JDE Services
    • E:\JDE_HOME\bin\scfagent_64.exe – Used by the JDE Server Manager
    • E:\JDEdwards\E900\DDP\system\bin32\jdesnet.exe – Part of JDE Services
  • Specified the following ports
    • Oracle_Database_Port – Oracle DB communication port 1521
    • Server_Manager_Port – Oracle JDE Server Manager port 14501
    • Server_Manager_Port – Oracle JDE Server Manager port 14502
    • Server_Manager_Port – Oracle JDE Server Manager port 14503
  • Specified the following ports that correspond to the enablePredfinedPorts setting above:
    • Oracle_E1_Por

One thought on “Securing Oracle JD Edwards EnterpriseOne with Windows Firewall

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Previous post Oracle JD Edwards EnterpriseOne Multi-Foundation
E1Tips.com Survey Next post Survey: Where Does The CNC Function Reside In Your IT Department?