Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Make a database accessible over the internet
Hello everyone,
I'm currently evaluating methods for making our database accessible from the outside (->Internet) (for e.g. field staff). The Oracle Security Guide states that poking a hole through the firewall on port 1521 isn't (obviously) a good idea, which, I guess, applies whether the listener is password protected or not. So I have currently considered the following approaches: 1) set up a VPN to connect the external PC to the Intranet. 2) use TCPS in combination with a certificate/wallet as a listener protocol and let the TCPS listener port through the firewall. 3) use an application level proxy to additionally tighten security (<- but I couldn't find one)
I searched the Internet and found that Oracle works somewhat like FTP, i.e. it uses a randomly negotiated port for a reconnect, which would make approach No 2 unusable if not the firewall was also equipped with a special plugin, which I couldn't find either.
So my question is if you can explicitly recommend one approach (or a combination) over the other. Maybe you could also help me out with some discussion URL on that topic or such, as I couldn't discover a helpful one.
Greetings and many thanks
Marcus
Received on Mon Sep 13 2004 - 09:53:32 CDT