Re: Question re security

From: Nuno Souto <dbvision_at_iinet.net.au>
Date: Wed, 15 Jan 2014 21:58:13 +1100
Message-ID: <52D669C5.8020709_at_iinet.net.au>

On 15/01/2014 2:46 AM, Hans Forbrich wrote: > On 14/01/2014 12:51 AM, Nuno Souto wrote:

 >> "clickety-click grid control and hope for the best" dbas need not
 >> reply, thanking you very much...

> You DO realize that some of those 'DBAs' who rely on the Grid and
> Cloud control are Network Admins with expanded responsibility who
> might have been able to answer that question, don't you?

I *still* don't want to hear their reply! ;)

> I've run into this config myself, and the main reason was to force
> the DB traffic 'through' SPI and Logging firewalls to conform to
> audit requirements. SPI hit latency hard, but the logging
> continued. -- http://www.freelists.org/webpage/oracle-l

Strange audit requirements... Are you sure the auditors had a vague notion what a
network connection between an app server and a db server does and how it works?
Our auditors haven't got a clue, so we just ignore ANY of their recommendations
on the subject. They are the kind that "tut-tut" at select access on ALL_TABLES
given to PUBLIC. Mostly because they trust blindly the output of "security check"
scripts they have been sold by "experts" who hadn't a clue in the first place...

-- 
Cheers
Nuno Souto
dbvision_at_iinet.net.au


--
http://www.freelists.org/webpage/oracle-l

Received on Wed Jan 15 2014 - 11:58:13 CET

This message: [ Message body ]
Next message: Hans Forbrich: "Re: Question re security"
Previous message: Martin Klier: "Re: End-of-weekend rant: This is exactly why in fact we want certified"
In reply to: Hans Forbrich: "Re: Question re security"
Next in thread: Hans Forbrich: "Re: Question re security"
Reply: Hans Forbrich: "Re: Question re security"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message