Make a database accessible over the internet

Hello everyone,

I'm currently evaluating methods for making our database accessible from the outside (->Internet) (for e.g. field staff). The Oracle Security Guide states that poking a hole through the firewall on port 1521 isn't (obviously) a good idea, which, I guess, applies whether the listener is password protected or not. So I have currently considered the following approaches: 1) set up a VPN to connect the external PC to the Intranet. 2) use TCPS in combination with a certificate/wallet as a listener protocol and let the TCPS listener port through the firewall. 3) use an application level proxy to additionally tighten security (<- but I couldn't find one)

I searched the Internet and found that Oracle works somewhat like FTP, i.e. it uses a randomly negotiated port for a reconnect, which would make approach No 2 unusable if not the firewall was also equipped with a special plugin, which I couldn't find either.

So my question is if you can explicitly recommend one approach (or a combination) over the other. Maybe you could also help me out with some discussion URL on that topic or such, as I couldn't discover a helpful one.

Greetings and many thanks
  Marcus Received on Mon Sep 13 2004 - 09:53:32 CDT