Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: Backup and Restore in a DMZ
> No big problem, but the machine is located in a DMZ - I cannot have
> connections to other db servers or fancy clicky flashy enterprisy tools.
I do not claim to be the biggest Information Security consultant of all times, but IMHO Oracle does not belong in the DMZ. I strongly recommend that you reconsider.
> Controlfiles and the rest of the operation system is backed up daily. I
> use rman without a repository and save the whole db (backup database),
> switch log and archive the logs (db is in log archive mode).
Construct your backup/recovery strategy so that you eventually end up
with a bunch of files. Just ftp them files to the place from where you
can put 'em on tape/backup media. However, I suggest opening FTP
access right before copying them files and closing it immediately
after that.
>
> As I have read I cannot do a timestamp recovery with that data. Is that
> true? Can I do a complete recovery including the last database backup
> and roll forward with all the available logs?
The control file is where the information about last SCN is stored,
along with a bunch'a other crap. If you overwrite it with an old one
you won't be able to do point-in-time recovery with re-applying redo
logs.
> Another question:
> Would it be possible to mirror the online logs via NFS on another
> machine, so I'd even could roll forward the data with the remaining log
> if the db machine completely blows up and has to be replaced and
> reinstalled?
NFS is by far not the most secure network service. There's a lengthy
list of known vulnerabilities. Allowing NFS is asking for some serious
trouble. Besides, NFS is not a speed demon, so your performance will
be sluggish. Try OS-level mirroring instead, and move them Oracle
outt'a DMZ.