OCM's Razor (WAS: Metalink Fiasco)

From: Rich Jesse <rjoralist_at_society.servebeer.com>
Date: Wed, 11 Nov 2009 11:16:00 -0600 (CST)
Message-ID: <fea339d4fb8ab4493bc0e4c697784a19.squirrel_at_society.servebeer.com>

Hey Jared,

> As for connecting to the internet, someone will have to explain
> to me why this is such an issue. The data sent is innocuous AFAIK.

Do you need to prove that to an auditor? I don't yet, but I'm curious...

> How is is different that databases that email you an alert when
> an alert log error is found? Or using UTL_SMTP to send email
> from the database?

Our email is internal. The security is setup to mitigate risk of external emails being sent should there be a breach. We're not (easily?) able to do that for outgoing http/ftp/rsync/etc. protocols.

Bandwidth is another concern, albeit probably not much of one. Downgrade that one to "unknown/untested".

My main concern that there didn't seem to be much in the way of detailed documentation on OCM's internals. It's a trust issue for me. And, frankly, given my experience with Oracle Corp's tools, that trust has not yet been earned. (they're trying real hard though with APEX, IMHO!)

I also have not been shown any value for what seems to be a substantial amount of investigation and work on my end. We don't have many Oracle DBs. It just doesn't make good fiscal sense to me.



Received on Wed Nov 11 2009 - 11:16:00 CST

Original text of this message