RE: PCI / AV / Linux DB Servers

From: Uzzell, Stephan <SUzzell_at_MICROS.COM>
Date: Fri, 31 Jan 2014 17:23:44 +0000
Message-ID: <affdb202a909483faeeb9929fd57bab0_at_USMAIL2K1303.us.micros.int>

That's something we've discussed. However, we have some application servers (multi-customer environment) where the application servers are available via public internet. This is primarily for customers that are not large enough to invest in MPLS or a VPN. While we are absolutely on board with removing the internet access from our DB servers, I don't think we can cut the entire datacenter off.... So with some servers necessarily exposed, how do we protect the DB servers (my area of concern)?

Thanks!

Stephan Uzzell

From: Radoulov, Dimitre [mailto:cichomitiko_at_gmail.com] Sent: Friday, 31 January, 2014 12:16
To: Uzzell, Stephan
Cc: oracle-l_at_freelists.org
Subject: Re: PCI / AV / Linux DB Servers

Firewalls. We have no servers directly exposed on Internet.

Regards
Dimitre
Il 31/gen/2014 18:07 "Uzzell, Stephan" <SUzzell_at_micros.com<mailto:SUzzell_at_micros.com>> ha scritto: Hi all,

We're in a bit of an uncomfortable spot here... We're basically a Windows shop, our DB servers have internet access, and therefore our DB servers have AV software installed. We have periodically had to disable or even remove it on some of our larger database clusters as we have seen slow interconnect traffic with it enabled (Symantec Endpoint, mostly version 12 by this point). As soon as we remove Endpoint, interconnect ping times go back to where they should be and we move on.

We've just started a process of converting to Linux - supposedly we'll have all 240+ databases on 11.2.0.3 on Linux by the end of the year. We had somewhat assumed along the way that we would not be using AV software on our Linux DB servers: lower risk, fewer Linux viruses, &c.

Our PCI auditor doesn't seem to agree. To satisfy his requirements, we need some form our AV software installed. Or some other form of protection...

So - I guess my question is: people running production Linux environments - what do you do? How do you protect your servers?

Thanks!

Stephan Uzzell

--
http://www.freelists.org/webpage/oracle-l

Received on Fri Jan 31 2014 - 18:23:44 CET

This message: [ Message body ]
Next message: Tim Hall: "Re: PCI / AV / Linux DB Servers"
Previous message: Radoulov, Dimitre: "Re: PCI / AV / Linux DB Servers"
In reply to: Radoulov, Dimitre: "Re: PCI / AV / Linux DB Servers"
Next in thread: Tim Hall: "Re: PCI / AV / Linux DB Servers"
Reply: Tim Hall: "Re: PCI / AV / Linux DB Servers"
Reply: Radoulov, Dimitre: "Re: PCI / AV / Linux DB Servers"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message