| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.server -> Re: Make a database accessible over the internet
On Mon, 13 Sep 2004 15:36:42 -0400, Mark C. Stock wrote:
>
> "Marcus Ilgner" <Marcus.Ilgner_at_gerig.de> wrote in message
> news:pan.2004.09.13.14.53.31.160993_at_gerig.de...
> | Hello everyone,
> |
> | I'm currently evaluating methods for making our database accessible from
> | the outside (->Internet) (for e.g. field staff). The Oracle Security
> | Guide states that poking a hole through the firewall on port 1521 isn't
> | (obviously) a good idea, which, I guess, applies whether the listener is
> | password protected or not. So I have currently considered the following
> | approaches: 1) set up a VPN to connect the external PC to the Intranet.
> | 2) use TCPS in combination with a certificate/wallet as a listener
> | protocol and let the TCPS listener port through the firewall. 3) use an
> | application level proxy to additionally tighten security (<- but I
> | couldn't find one)
> |
> | I searched the Internet and found that Oracle works somewhat like FTP,
> | i.e. it uses a randomly negotiated port for a reconnect, which would
> | make approach No 2 unusable if not the firewall was also equipped with a
> | special plugin, which I couldn't find either.
> |
> | So my question is if you can explicitly recommend one approach (or a
> | combination) over the other. Maybe you could also help me out with some
> | discussion URL on that topic or such, as I couldn't discover a helpful
> one.
> |
> | Greetings and many thanks
> | Marcus
> |
> Marcus,
>
> What's the goal of making the database accessible over the internet?
> Application access?
> Application development?
> Ad-hoc reporting?
> What tools/interfaces will the 'outside' users be using? Are you using
> (can you use) Oracle's Application Server (iAS)?
>
> ++ mcs
Hi Mark,
thank you (and the others, of course) for your feedback. The goal is to enable remote users to use our in-house business application (a Java application which uses JDBC to connect to the DB) to check stock availability, browse the music repertoire or remotely place orders. So it is of importance that the process of establishing a secure connection is completely transparent to the user.
Greetings
Marcus
Received on Tue Sep 14 2004 - 07:55:29 CDT
 |
 |