3 Planning a Secure Environment

Determine security practices that you want to deploy before your Oracle Database Appliance is delivered.

After deployment, review your security practices periodically, and adjust them as needed to stay current with the security requirements of your organization.


Considerations for a Secure Environment

Plan to integrate Oracle Database Appliance identity and access management security features with your existing organization security protocols.

Oracle Database Appliance includes many layered security controls that can be tailored to meet an organization's specific policies and requirements. Organizations must evaluate how to best utilize these capabilities and integrate them into their existing IT security architecture. Effective IT security must consider the people, processes, and technology in order to provide solid risk management and governance practices. Practices and policies should be designed and reviewed during the planning, installation, and deployment stages of Oracle Database Appliance.

A unified approach to identity and access management should be used when integrating Oracle Database Appliance components, and deployed services with an organization's existing identity and access management architecture. Oracle Database supports many open and standard protocols that allow it to be integrated with existing identity and access management deployments. To ensure application availability, unified identity and access management systems must be available, or the availability of Oracle Database Appliance may be compromised.

Before Oracle Database Appliance arrives, the following security considerations should be discussed. These considerations are based on Oracle best practices for Oracle Database Appliance.

  • The use of intrusion prevention systems on database servers to monitor network traffic flowing to and from Oracle Database Appliance. Such systems enable the identification of suspicious communications, potential attack patterns, and unauthorized access attempts.

  • The use of host-based intrusion detection and prevention systems for increased visibility within Oracle Database Appliance. By using the fine-grained auditing capabilities of Oracle Database, host-based systems have a greater likelihood of detecting inappropriate actions and unauthorized activity.

  • The use of application and network-layer firewalls to protect information flowing to and from Oracle Database Appliance. Filtering network ports provides the first line of defense in preventing unauthorized access to systems and services.

    Network-level segmentation using Ethernet virtual local area networks (VLANs) and host-based firewalls enforce inbound and outbound network policy at the host level. Using segmentation allows fine-grained control of communications between components of Oracle Database Appliance. Oracle Database Appliance can be configured with a software firewall.

  • The use of encryption features such as Transparent Data Encryption (TDE), Oracle Recovery Manager (RMAN) encryption for backups, and Oracle Advanced Security to encrypt traffic to Oracle Data Guard standby databases.

While many of the features integrated into Oracle Database Appliance are configured by default for secure deployment, organizations have their own security configuration standards. It is important to review Oracle security information before testing any security setting changes to Oracle Database Appliance components. In particular, it is important to identify where existing standards can be improved, and where support issues may limit what changes can be made to a given component.

The security of the data and system is diminished by weak network security. Oracle recommends the following guidelines to maximize your Ethernet network security:

  • Configure administrative and operational services to use encryption protocols and key lengths that align with current policies. Cryptographic services provided by Oracle Database Appliance benefit from hardware acceleration, which improves security without impacting performance.

  • Manage and separate switches in Oracle Database Appliance from data traffic on the network. This separation is also referred to as "out-of-band."

  • Separate sensitive clusters of the system from the rest of the network when using virtual local area networks (VLANs). This decreases the likelihood that users can gain access to information on these clients and servers.

  • Use a static VLAN configuration.

  • Disable unused switch ports, and assign an unused VLAN number.

  • Assign a unique native VLAN number to trunk ports.

  • Limit the VLANs that can be transported over a trunk to only those that are strictly required.

  • Disable VLAN Trunking Protocol (VTP), if possible. If it is not possible, then set the management domain, password and pruning for VTP. In addition, set VTP to transparent mode.

  • Disable unnecessary network services, such as TCP small servers or HTTP. Enable only necessary network services, and configure these services securely.

  • Network switches offer different levels of port security features. Use these port security features if they are available:

  • Lock the Media Access Control (MAC) address of one or more connected devices to a physical port on a switch. If a switch port is locked to a particular MAC address, then super users cannot create back doors into the network with rogue access points.

  • Disable a specified MAC address from connecting to a switch.

  • Use each switch port's direct connections so the switch can set security based on its current connections.

Understanding User Accounts

Review the information in this topic to understand default user account information for Oracle Database Appliance deployments.

The following table lists the default users for the Oracle Database Appliance components.


You must change all default passwords after deploying Oracle Database Appliance.

Table 3-1 Default User Names for User Accounts

Component User Name

Oracle Database Appliance servers

  • root

  • oracle

  • grid

Oracle Databases

  • sys

  • system

  • dbsnmp

Understanding the Default Security Settings

Oracle Database Appliance is installed with many default security settings and methods.

Whenever possible and practical, you should select secure default settings.

Security Settings Deployed by Default on Oracle Database Appliance

Default security methods and settings include the following:

  • A minimal software installation to reduce attack surface.

  • Oracle Database secure settings developed and implemented using Oracle best practices.

  • A password policy that enforces a minimum password complexity.

  • Failed log in attempts cause a lockout after a set number of failed attempts.

  • All default system accounts in the operating system are locked and prohibited from logging in.

  • Restrictive file permissions on key security-related configuration files and executable files.

  • SSH listen ports restricted to management and private networks.

  • SSH limited to v2 protocol.

  • Disabled insecure SSH authentication mechanisms.

  • Configured specific cryptographic ciphers.

  • Unnecessary protocols and modules are disabled from the operating system kernel.