Accessing Oracle SuperCluster T5-8 Security Resources
Security Information for SuperCluster Components
Understanding Oracle SuperCluster T5-8 Security Guidelines
Understanding Hardware Security Guidelines
Network Security Considerations
Understanding Oracle SuperCluster T5-8 Security Settings and Services
Changing Passwords on Default User Accounts
Change Passwords on Default Accounts
Default User Accounts and Passwords
Change the Exadata Storage Server Passwords
Change the Ethernet Switch Password
Default TCP/IP Ports and Services
Keeping Oracle SuperCluster T5-8 Secure
Managing SuperCluster Security
Oracle ILOM for Secure Management
Oracle Identity Management Suite
Oracle Enterprise Manager Ops Center (Optional)
Workload Monitoring and Auditing
Database Activity Monitoring and Auditing
Oracle SuperCluster T5-8 software is installed with many default security settings. Whenever possible, use the default secure settings:
Password policies enforces a minimum password complexity.
Failed login attempts cause a lockout after a set number of failed attempts.
All default system accounts in the OS are locked and prohibited from logging in.
Limited ability to use the su command is configured.
Unnecessary protocols and modules are disabled from the OS kernel.
Boot loader is password protected.
All unnecessary system services are disabled, including inetd (Internet service daemon).
Software firewall is configured on the storage cells.
Restrictive file permissions are set on key security-related configuration files and executable files.
SSH listen ports are restricted to management and private networks.
SSH is limited to v2 protocol.
Insecure SSH authentication mechanisms are disabled.
Specific cryptographic ciphers are configured.
The switches are separated in the system from data traffic on the network.