Table of Contents
- Title and Copyright Information
- Preface
- 1 Overview of Oracle Exadata Security
-
2
Security Features of Oracle Exadata Database Machine
- 2.1 Using Security-Enhanced Linux
- 2.2 Restricting the Binaries Used to Boot the System
- 2.3 Using Isolation Policies
- 2.4 Network Access to Oracle Exadata Storage Servers
- 2.5 Controlling Access to Data
- 2.6 Using Cryptographic Services
- 2.7 Monitoring and Auditing of Oracle Exadata Database Machine
- 2.8 Maintaining Quality of Service
- 2.9 Using Oracle ILOM for Secure Management
- 2.10 Considerations for a Secure Environment
- 2.11 Understanding the Default Security Settings
-
3
User Security on Oracle Exadata
- 3.1 Default User Accounts for Oracle Exadata
- 3.2 Default Password Requirements
- 3.3 Default Security Settings Implemented by OEDA
- 3.4 Managing Password and Authentication Policies
- 3.5 Creating Oracle Exadata System Software Users and Roles
- 3.6 Security Policies for Oracle Exadata Storage Server Operating System Users
-
4
Keeping the Oracle Exadata Secure
-
4.1
Securing the Hardware
- 4.1.1 Getting the Rack Serial Number
- 4.1.2 Getting the Serial Numbers for Rack Components
- 4.1.3 Getting the Rack Serial Number for a Cisco 9336C or 9348 Switch
- 4.1.4 Getting the Rack Serial Number for a Sun Datacenter InfiniBand Switch 36
- 4.1.5 Getting the Serial Number for a Cisco 4948 Ethernet Switch
- 4.2 Securing the Software
- 4.3 Disabling SSH on Storage Servers
-
4.4
Configuring Data Security for Exadata Storage Servers
- 4.4.1 About Exadata Storage Server Security Modes
- 4.4.2 Best Practices for ASM-Scoped Security and DB-Scoped Security
- 4.4.3 About Security Keys
- 4.4.4 Setting Up ASM-Scoped Security on Oracle Exadata Storage Servers
- 4.4.5 Setting Up DB-Scoped Security on Oracle Exadata Database Machine
- 4.4.6 Changing Security Keys for ASM-Scoped Security or DB-Scoped Security
- 4.4.7 Enabling Cell-to-Cell Operations
- 4.4.8 Removing ASM-Scoped Security or DB-Scoped Security
- 4.5 Maintaining a Secure Environment
-
4.1
Securing the Hardware
-
5
Securely Erasing Oracle Exadata
- 5.1 Overview of Secure Eraser
- 5.2 Securely Erasing Database Servers and Storage Servers
- 5.3 Automatic Secure Eraser through PXE Boot
- 5.4 Interactive Secure Eraser through PXE Boot
- 5.5 Interactive Secure Eraser through Network Boot
- 5.6 Secure Eraser Syntax
-
5.7
Resetting Network Switches and Power Distribution Units to Factory Default
- 5.7.1 Resetting a Cisco Nexus 9336C-FX2 RoCE Network Fabric Switch to Factory Default Settings
- 5.7.2 Resetting InfiniBand Network Fabric Switches to Factory Default
- 5.7.3 Resetting the Cisco Management Network Switch to Factory Default Settings
- 5.7.4 Resetting Power Distribution Units to Factory Default
- 5.8 Actions After Using Secure Eraser