Skip to Main Content
  • Questions

  • Security steps to protect a database

Breadcrumb

Question and Answer

Connor McDonald

Thanks for the question, alessandra.

Asked: July 21, 2021 - 7:08 am UTC

Last updated: July 23, 2021 - 7:17 am UTC

Version: 19.11

Viewed 1000+ times

You Asked

Which are the important security steps to protect a database
whose application will be in internet?

Which are the differences between Connection Manager and Database Firewall?

If I have native network encryption configured do I need to do something
on application server level?

I mean, for example, configuring the thin jdbc client network?

and Chris said...

This is a big topic. Exactly what you should do depends on the data you're storing, what data protection laws or regulations you're subject to, and how critical the data are to your business.

I suggest reading this technical primer on security the Oracle Database which walks through the options:

https://download.oracle.com/database/oracle-database-security-primer.pdf

Rating

  (2 ratings)

Is this answer out of date? If it is, please let us know via a Comment

Comments

A reader, July 21, 2021 - 10:55 am UTC

Hi,
thanks for your answer.
A point is so far not clear about "Network Encryption und Data Integrity".
Is "native Network Encryption und Data Integrity" enough
or Thin JDBC Client Network has to be configured as well?
and what about SSL on database side.
Is it necessary although we have "native Network Encryption und Data Integrity" ?
Chris Saxon
July 21, 2021 - 12:47 pm UTC

Enough for what?

You can use Oracle Native Network Encryption OR TLS (SSL) to encrypt your network traffic. There's no need to do both.

A reader, July 21, 2021 - 12:54 pm UTC

Which is the difference between Native Network Encryption and SSL?

Should be configured Thin JDBC Client Network too as suggested in
https://docs.oracle.com/en/database/oracle/oracle-database/19/dbseg/part_4.html
?
Thanks.
Connor McDonald
July 23, 2021 - 7:17 am UTC

Head to here

https://docs.oracle.com/en/database/oracle/oracle-database/12.2/dbseg/configuring-network-data-encryption-and-integrity.html#GUID-8F489523-9693-4147-ADFD-C05246C98790

and it shows you the comparison between the two.
more

Connor and Chris don't just spend all day on AskTOM. You can also catch regular content via Connor's blog and Chris's blog. Or if video is more your thing, check out Connor's latest video and Chris's latest video from their Youtube channels. And of course, keep up to date with AskTOM via the official twitter account.