Database Software

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Dataguard Security 12c

Little Foot-OracleJan 19 2016 — edited Feb 1 2016

Hi,

I am quite confused with the dataguard security setup.

I have setup 2 node physical standby database(12c).

The primary and DR are located in a different data centers, I want to ensure the security of redo data transmitted between the Primary and DR.

I have gone through the MOS :

Enabling Encryption for Data Guard Redo Transport (Doc ID 749947.1)

As per the above document Network encryption and strong authentication is available along with the database licenses,

/*Starting with 11gR2 Network encryption (native network encryption and SSL/TLS) and strong authentication services (Kerberos, PKI, and RADIUS) are no longer part of Oracle Advanced Security and are available in all licensed editions of all supported releases of the Oracle database.*/

So I think I can use encryption to secure the redo transport as detailed in the doc.

But the below NOTE is what confusing me,

"Note that this Setting requires all Clients connecting to this Database must have the Advanced Security Option installed else they cannot connect to the Database. If you only want Data Guard to use the Security Option using the shown Method, set

sqlnet.encryption_server = accepted

instead."

Now can I implement the network encryption or not ?

will there be any effects to implement the encryption ? Does this also effect the connections from the weblogic / sqlplus client ?

Please clarify.

Thanks and Regards,

Littlefoot

Locked Post

New comments cannot be posted to this locked post.

Locked on Feb 29 2016

Added on Jan 19 2016

#database-security, #database-security-general

4 comments

1,658 views