Skip to Main Content
  • Questions
  • Security steps to protect a database

Breadcrumb

Question and Answer

Connor McDonald

Thanks for the question, alessandra.

Asked: July 21, 2021 - 7:08 am UTC

Last updated: July 23, 2021 - 7:17 am UTC

Version: 19.11

Viewed 100+ times

You Asked

Which are the important security steps to protect a database
whose application will be in internet?

Which are the differences between Connection Manager and Database Firewall?

If I have native network encryption configured do I need to do something
on application server level?

I mean, for example, configuring the thin jdbc client network?

and we said...

This is a big topic. Exactly what you should do depends on the data you're storing, what data protection laws or regulations you're subject to, and how critical the data are to your business.

I suggest reading this technical primer on security the Oracle Database which walks through the options:

https://download.oracle.com/database/oracle-database-security-primer.pdf

Rating

  (2 ratings)

Comments

A reader, July 21, 2021 - 10:55 am UTC

Hi,
thanks for your answer.
A point is so far not clear about "Network Encryption und Data Integrity".
Is "native Network Encryption und Data Integrity" enough
or Thin JDBC Client Network has to be configured as well?
and what about SSL on database side.
Is it necessary although we have "native Network Encryption und Data Integrity" ?
Chris Saxon
July 21, 2021 - 12:47 pm UTC

Enough for what?

You can use Oracle Native Network Encryption OR TLS (SSL) to encrypt your network traffic. There's no need to do both.

A reader, July 21, 2021 - 12:54 pm UTC

Which is the difference between Native Network Encryption and SSL?

Should be configured Thin JDBC Client Network too as suggested in
https://docs.oracle.com/en/database/oracle/oracle-database/19/dbseg/part_4.html
?
Thanks.