Re: Oracle Advanced Security
Date: Sun, 24 Jun 2012 00:14:11 -0400
Message-ID: <CAPWDEzijQwok4P5Fnb1WGjaOT7tR2DExJfz3ePdQWvT0kOrWQw_at_mail.gmail.com>
Hi Mary,
Yes, yes and yes! PeopleTools 849, HRMS 8.9 with Oracle 11202 on RHEL 5. It's pretty much been transparent to the application and end users. The newer Intel chips have some hocus pocus that off loads encryption from the CPU.
My only gotcha was a Webfocus connection that required an extra setting in the SQLNET to allow connections from a JDBC connection.
Protect your keys!!!. Don't rely on the OS backups. Backup the keys and put them on a USB stick. Lose your keys and you're done. True story from a recent conference. A large credit card company went to patch and reboot their servers. Their last reboot was 90 days prior. A very zealous Linux admin decided to remove all files that had not been updated in the last 60 days. Keys were gone, so was , thankfully, the Dev database. Protect your keys -)
Let me know if you need anything else. As far as I am concerned, this is the way we do business from now on except for OBIEE which is another story -)
Steve
On Fri, Jun 22, 2012 at 2:41 PM, Sciuto, Mary <Mary.Sciuto_at_tufts.edu> wrote:
> Has anyone had experience implementing ASO, in particular Transparent Data Encryption (TDE), network encryption, integrity checking, encrypted rman backups & encrypted datapump export?
>
> We are on Oracle 11.2.0.3 with, data guard, non-data guard & PeopleSoft applications running on Red Hat Linux.
>
> We would be interested in hearing about your experience (good or bad) and any recommendations you may have with implementing ASO.
>
> Thanks.
> Mary Sciuto
> Database Admin.
> Tufts University
> --
> http://www.freelists.org/webpage/oracle-l
>
>
-- http://www.freelists.org/webpage/oracle-lReceived on Sat Jun 23 2012 - 23:14:11 CDT