2 Security Features of Oracle Exadata Database Machine

Oracle Exadata Database Machine hardware and software are hardened.

The following steps have been done to harden Oracle Exadata Database Machine:

• Trimmed the list of installed packages so that unnecessary packages are not installed on the servers.

• Turned on only essential services on the Oracle Exadata Storage Servers.

• Enabled firewalls (iptables) on the storage servers.

• Enabled auditing of the operating system user.

• Enforced hardened password policies.

Oracle also provides recommended secure configurations for services such as NTP and SSH. In addition, the Oracle Exadata Database Machine architecture provides the following security capabilities to the core components. These security capabilities are most often applied by organizations seeking to deploy a layered security strategy.

• Using Security-Enhanced Linux
  Oracle Exadata System Software release 21.2.0 introduces support for Security-Enhanced Linux (SELinux) in Oracle Exadata.
• Restricting the Binaries Used to Boot the System
  Secure Boot supports a chain of trust that goes down to the kernel module level.
• Using Isolation Policies
  Oracle Exadata Database Machine supports multiple isolation levels.
• Network Access to Oracle Exadata Storage Servers
  Oracle Exadata System Software includes the cellwall service, which implements an iptables firewall on each cell.
• Controlling Access to Data
  To protect application data, workloads, and the underlying infrastructure on which it runs, Oracle Exadata Database Machine offers comprehensive yet flexible access control capabilities for both users and administrators.
• Using Cryptographic Services
  
• Monitoring and Auditing of Oracle Exadata Database Machine
  Whether for compliance reporting or incident response, monitoring and auditing are critical functions that organizations must use to gain increased visibility into their IT environment.
• Maintaining Quality of Service
  There are many ways that applications can be attacked besides breaching a boundary or subverting an access control policy.
• Using Oracle ILOM for Secure Management
  Collections of security controls and capabilities are necessary to properly secure individual applications and services.
• Considerations for a Secure Environment
  Oracle Exadata Database Machine includes many layered security controls that can be tailored to meet an organization's specific policies and requirements.
• Understanding the Default Security Settings
  Oracle Exadata System Software is installed with many default security settings.