1. Security Guide
  2. Security Features of Oracle Database Appliance

2 Security Features of Oracle Database Appliance

Oracle Database Appliance uses hardware and software hardening processes to secure the system, and that assist in deploying a layered security strategy.

Topics:

About Oracle Database Appliance Security Features

Oracle Database Appliance includes hardening configuration and security capabilities to core components.

Your organization can use the security features of Oracle Database Appliance as part of a layered security strategy.

Hardening Configuration

Oracle Database Appliance includes the following recommended hardening configuration procedures:

  • Installed packages are trimmed to a minimum, so that unnecessary packages are not installed on the servers.

  • Essential services only are enabled on the Oracle Database Appliance nodes.

  • Operating system users are audited.

  • Secure configurations for NTP, SSH, and other services.

Security Capabilities

Oracle Database Appliance architecture provides security capabilities to the core components. The capabilities are grouped into the following categories:

  • Isolation policies

  • Controlled access to data

  • Cryptographic services

  • Monitoring and auditing

  • Oracle Integrated Lights Out Manager (ILOM)

Parent topic: Security Features of Oracle Database Appliance

Using Isolation Policies

Isolation policies provide more secure multitenant services.

If your organization wants to consolidate IT infrastructure, implement shared service architectures, and deliver secure multitenant services, then you should isolate services, users, data, communications, and storage. Oracle Database Appliance provides organizations the flexibility to implement the isolation policies and strategies, based on their needs.

Topics:

  • Isolating Network Traffic
    Oracle Database Appliance isolates client access from device management and inter-device communication at the physical network level.
  • Isolating Databases
    All Oracle Database security options are available for Oracle Database Appliance.

Parent topic: Security Features of Oracle Database Appliance

Isolating Network Traffic

Oracle Database Appliance isolates client access from device management and inter-device communication at the physical network level.

Oracle Database Appliance isolates client and management network traffic on separate networks. Clients access services on a redundant 10 Gbps Ethernet network that ensures reliable, high-speed access to services running on the system. Cluster management access is provided over a physically separate 1 Gbps Ethernet network. Providing physically separate networks ensures separation between operational and management network traffic.

Your organization can choose to further segregate network traffic over the client access Ethernet network by configuring virtual local area networks (VLANs). VLANs segregate network traffic based on your organization’s requirements. Oracle recommends the use of encrypted protocols over VLANs to assure the confidentiality and integrity of communications.

Parent topic: Using Isolation Policies

Isolating Databases

All Oracle Database security options are available for Oracle Database Appliance.

If your organization requires finer-grained database isolation, then you can use software such as Oracle Database Vault, Oracle Virtual Private Database, and Oracle Label Security. One of the best isolation methods is to create physical separation is to dedicate an entire environment to a single application or database. However, servers dedicated to one application or one database are expensive. A more cost-effective isolation strategy uses multiple databases within the same operating system image. You can obtain multiple database isolation through a combination of database and operating system-level controls, such as dedicated credentials for users, groups, and resource controls.

Oracle Database Vault includes a mandatory access control model, which enforces isolation by using logical realms within a single database. Logical realms form a protective boundary around existing application tables by blocking administrative accounts from having ad-hoc access to application data. Oracle Database Vault command rules enable policy-based controls that limit who, when, where, and how the database and application data is accessed. This creates a trusted path to application data. Oracle Database Vault can also be employed to restrict access based upon time, source IP address, and other criteria.

Oracle Virtual Private Database enables the creation of policies that enforce fine-grained access to database tables and views at the row and column levels. Oracle Virtual Private Database provides security portability because the policies are associated with database objects, and are automatically applied no matter how the data is accessed. Oracle Virtual Private Database can be used for fine-grained isolation within the database.

Oracle Label Security classifies data, and mediates access to that data based upon its classification. Your organization can define classification strategies, such as hierarchical or disjoint, that best support their needs. This capability allows information stored at different classification levels to be isolated at the row level within a single tablespace.

Parent topic: Using Isolation Policies

Controlling Access to Data

Controlling access to data, workloads and infrastructure helps to provide greater security.

To protect application data, workloads, and the underlying infrastructure on which it runs, Oracle Database Appliance offers comprehensive yet flexible access control capabilities for both users and administrators. The control capabilities include network access and database access.

Topics:

Parent topic: Security Features of Oracle Database Appliance

Controlling Network Access

Configure Network access to provide fine-grained access control.

Beyond simple network-level isolation, fine-grained access control policies can be instituted at the device level. All components in Oracle Database Appliance include the ability to limit network access to services either using architectural methods, such as network isolation, or using packet filtering and access control lists to limit communication to, from, and between components and services.

Parent topic: Controlling Access to Data

Controlling Database Access

Help to reduce the risk of collusive behavior and inadvertent errors by using separation of duties at every layer of database architecture using role-allocated operating system users and group system privileges.

For example, use different operating system user accounts and designate different physical groups to grant Oracle Database and Oracle Automatic Storage Management (Oracle ASM) system privileges to ensure role separation for database and storage administrators. Within Oracle Database, you can assign specific privileges and roles to ensure that users have access to only those data objects that they are authorized to access. Data cannot be shared unless it is explicitly permitted.

In addition to the password-based authentication available in Oracle Database, Oracle Advanced Security enables organizations to implement strong authentication using public key credentials, RADIUS, or a Kerberos infrastructure. Using Oracle Enterprise User Security, the database can be integrated with existing LDAP repositories for authentication and authorization. These capabilities provide higher assurance of the identity of users connecting to the database.

You can use Oracle Database Vault to manage administrative and privileged user access, controlling how, when and where application data can be accessed. Oracle Database Vault protects against misuse of stolen login credentials, application bypass, and unauthorized changes to applications and data, including attempts to make copies of application data. Oracle Database Vault is transparent to most applications, and day-to-day tasks. It supports multi-factor authorization policies, allowing for secure enforcement of policy without disrupting business operations.

Oracle Database Vault can enforce separation of duties to ensure that account management, security administration, resource management, and other functions are granted only to those users authorized to have those privileges.

Parent topic: Controlling Access to Data

About Managing Privileges and Security with SUDO

A SUDO policy helps to provide system auditing and access control for superuser (root) privileges on the operating system. Use these examples to help to implement a SUDO policy.

The Oracle Appliance Manager command-line utility requires root system privileges for most administrative actions. If you are not logged in as root, then you cannot carry out most actions on the appliance. For example, if you are not logged in as root, then you can view storage information, but you cannot modify the storage.

You should use SUDO, instead of su, to grant root privilege to administrative users. SUDO enables system administrators to grant certain users (or groups of users) the ability to run commands as root without the need for the root password, unlike su. It also logs all commands and arguments as part of your security and compliance protocol.

A SUDO security policy is configured by using the file /etc/sudoers. Within the sudoers file, you can configure groups of users and sets of commands to simplify and audit server administration with SUDO commands.

Parent topic: Controlling Access to Data

Configuring a SUDO Security Policy for the DCS Stack

Use these examples to help to implement a SUDO policy for Oracle Database Appliance models that are using the DCS stack (odacli).

A SUDO policy helps to provide system auditing and access control for superuser (root) privileges on the operating system.

Caution:

Configuring SUDO to allow a user to perform any operation is equivalent to giving that user root privileges. Consider carefully if this is appropriate for your security needs.

Example 2-1 SUDO Example 1: Allow a User to Perform Any ODACLI Operation

This example shows how to configure SUDO to enable a user to perform any ODACLI operation. You do this by adding lines to the commands section in the /etc/sudoers file: 

## The commands section may have other options added to it.
##
Cmnd_Alias ODACLI_CMDS=/opt/oracle/oak/bin/odacli *
jdoe ALL = ODACLI_CMDS

In this example, the user name is jdoe. The file parameter setting ALL= ODACLI_CMDS grants the user jdoe permission to run all odacli commands that are defined by the command alias ODACLI_CMDS. After configuration, you can copy one sudoers file to multiple hosts. You can also create different rules on each host.

Note:

Before database creation, you must set up user equivalency with SSH for the root user on each server. If you do not set up user equivalency and configure SSH on each server, then you are prompted to provide the root password for each server during database creation.

After you configure the sudoer file with the user, the user jdoe can run the set of odacli commands configured with the command alias ODACLI_CMDS. For example: 

$ sudo odacli create database -db newdb

INFO: 2018-06-05 14:40:55: Look at the logfile  '/opt/oracle/oak/log/node1011/tools/12.2.1.4.0/createdb_newdb_91715.log' for more details

INFO:2018-06-05 14:40:59: Database parameter file is not provided. Will be using default parameters for DB creation
Please enter the 'SYSASM'  password :
Please re-enter the 'SYSASM' password:
 
INFO: 2018-06-05 14:41:10: Installing a new home: OraDb12102_home3 at /u01/app/oracle/product/12.2.1.4/dbhome_3

Please select one of the following for Database type  [1 .. 3]:
1    => OLTP 
2    => DSS 
3    => In-Memory

Example 2-2 SUDO Example 2: Allow a User to Perform Only Selected ODACLI Operations

To configure SUDO to allow a user to perform only selected ODACLI operations, add lines to the commands section in the /etc/sudoers file as follows: 

## DCS commands for oracle user 
Cmnd_Alias DCSCMDS = /opt/oracle/dcs/bin/odacli describe-appliance
oracle  ALL=       DCSCMDS
$ sudo /opt/oracle/dcs/bin/odacli describe-appliance

Appliance Information
----------------------------------------------------------------
                     ID: a977bb04-6cf0-4c07-8e0c-91a8c7e7ebb8
               Platform: OdaliteL
        Data Disk Count: 6
         CPU Core Count: 20
                Created: June 24, 2018 6:51:52 AM HDT

System Information
----------------------------------------------------------------
                   Name: odal001
            Domain Name: example.com
              Time Zone: America/Adak
             DB Edition: EE
            DNS Servers: 10.200.76.198 10.200.76.199 192.0.2.254
            NTP Servers: 10.200.0.1 10.200.0.2

Disk Group Information
----------------------------------------------------------------
DG Name                   Redundancy                Percentage
------------------------- ------------------------- ------------
Data                      Normal                    90
Reco                      Normal                    10

In this example, the user jdoe2 tries to run the sudo odacli list-databases command, which is not part of the set of commands that is configured for that user. SUDO prevents jdoe2 from running the command. 

[jdoe2@servernode1 ~]$ sudo /opt/oracle/dcs/bin/odacli list-databases

Sorry, user jdoe2 is not allowed to execute '/opt/oracle/dcs/bin/odacli list-databases' as root on servernode1.

Parent topic: Controlling Access to Data

Using Cryptographic Services

Cryptographic services can help to protect and validate information at rest, in transit, and in use.

From encryption and decryption to digital fingerprint and certificate validation, cryptography is one of the most-widely deployed security controls in IT organizations.

Whenever possible, Oracle Database Appliance makes use of hardware-based cryptographic engines Intel AES-NI and Oracle SPARC processors. Using hardware for cryptographic operations provides significant performance improvement over performing the operations in software. Both engines provide the ability to perform cryptographic operations in hardware, and both are leveraged by Oracle software on the database and storage servers.

Network cryptographic services protect the confidentiality and integrity of communications by using a cryptographically-secure protocol. For example, Secure Shell (SSH) access provides secure administrative access to systems and Oracle Integrated Lights Out Manager (Oracle ILOM). SSL/TLS can enable secure communications between applications and other services.

Database cryptographic services are available from Oracle Advanced Security. Oracle Advanced Security encrypts information in the database using the transparent data encryption (TDE) functionality. TDE supports encryption of application table spaces, and encryption of individual columns within a table. Data stored in temporary table spaces, and redo logs are also encrypted. When the database is backed up, the data remains encrypted on destination media. This protects information at rest no matter where it is physically stored. Oracle Advanced Security should be considered for organizations concerned about the confidentiality of stored database content or database encryption, either at the table space level or column-level.

In addition, Oracle Advanced Security encrypts Oracle Net Services and JDBC traffic using either native encryption or TLS to protect information while in transit over a network. Both administrative and application connections can be protected to ensure that data in transit is protected. The TLS implementation supports the standard set of authentication methods including server-only authentication using X.509 certificates and mutual (client-server) authentication with X.509.

Parent topic: Security Features of Oracle Database Appliance

Monitoring and Auditing of Databases on Oracle Database Appliance

Oracle Database Appliance includes Oracle Database Fine Grained Auditing (FGA), Oracle Audit Vault, and Oracle Database Firewall Remote Monitor, which provide comprehensive monitoring and auditing features.

Whether for compliance reporting or incident response, monitoring and auditing are critical functions that organizations must use to gain increased visibility into their IT environment. The degree to which monitoring and auditing is employed is often based upon the risk or criticality of the environment. Oracle Database Appliance has been designed to offer comprehensive monitoring and auditing functionality at the server, network, database, and storage layers ensuring that information can be made available to organizations in support of their audit and compliance requirements.

Oracle Database Fine Grained Auditing (FGA) can help you to create create audit records at the level of individual tables and columns, reducing audit overhead. FGA enables organizations to establish policies that selectively determine when audit records are generated. This helps organizations to focus on other database activities, and to reduce the overhead that is often associated with audit activities.

Oracle Audit Vault centralizes the management of database audit settings and automates the consolidation of audit data into a secure repository. Oracle Audit Vault includes built-in reporting to monitor a wide range of activities including privileged user activity and changes to database structures. The reports generated by Oracle Audit Vault enable visibility into various application and administrative database activities, and provide detailed information to support accountability of actions.

Oracle Audit Vault enables the proactive detection and alerting of activities that may be indicative of unauthorized access attempts or abuse of system privileges. These alerts can include both system and user-defined events and conditions, such as the creation of privileged user accounts or the modification of tables containing sensitive information.

Oracle Database Firewall Remote Monitor can provide real-time database security monitoring. Oracle Database Firewall Remote Monitor queries database connections to detect malicious traffic, such as application bypass, unauthorized activity, SQL injection and other threats. Using an accurate SQL grammar-based approach, Oracle Database Firewall helps organizations quickly identify suspicious database activity.

Parent topic: Security Features of Oracle Database Appliance

About FIPS 140-2 Compliance on Oracle Database Appliance

Understand how FIPS 140-2 is implemented on Oracle Database Appliance.

Starting with Oracle Database Appliance release 19.11, the Linux kernel used by Oracle Database Appliance running on bare metal and KVM Database Systems is compliant with the United States Federal Information Processing Standard 140-2 (FIPS 140-2) level one. In accordance with the FIPS standard, the algorithms used by the secure shell (SSH) are limited to those permitted by the standard. FIPS 140-2 is supported in both newly provisioned systems and patched systems. When a system is updated, FIPS support is automatically enabled. No user intervention is needed.

Parent topic: Security Features of Oracle Database Appliance

Checking for STIG Compliance on Oracle Database Appliance

Understand how to check the Oracle Database Appliance for compliance with the Security Technical Implementation Guidelines (STIG).

The Defense Information Systems Agency (DISA) recommends (or requires in some cases) the Security Technical Implementation Guidelines (STIG) for deployment and management of software, hardware, and system components. For more information about STIG standards, see https://public.cyber.mil/stigs/downloads/.

Oracle Database Appliance provides support for Oracle Linux 7 Security Scripts (OLSS) to assist with documenting and aligning with the DISA Oracle Linux 7 STIG. OLSS enables you to verify your existing environment for STIG standards and secure your system against STIG settings that are not set to DISA standards.

Oracle Database Appliance bundles the STIG script with the product for Oracle Database Appliance in the directory /opt/oracle/dcs/stig.

OLSS has two modes of operation: Verify and Secure. When you run OLSS, the information is displayed on the screen and also saved to a log file. In the Verify mode, the script examines the current compliance status of your system, but it does not change any settings. In the Secure mode, the script examines the current compliance status of your system, and makes changes to the system when the settings or compliance are not adequate, or flags the item as Manual, so that the administrators can make the change.

Running the STIG Command

Follow these steps to run the STIG script:

  1. Log in as root user.
  2. Run the command from the /opt/oracle/dcs/stig directory:
    [root@oda1 stig]# ./RunSTIG

The summary and detailed logs are in the /opt/oracle/dcs/stig/04_Logs directory. When you run the STIG command in the secure or verify mode, the log files are STIG.Secure.timestamp or STIG.Verify.timestamp respectively.

An example log when running the STIG command in secure mode is as follows. The log contains the order of execution of the script, documents the user inputs, the rule description, what was seen on the system, and the changes made.

The file has description of whether a rule PASSED/Manual/FAILED : file name is : Summary.Secure.08_06_2021_05:21 
===========================================================
Tests run: 252: CAT1 = 27, CAT2 = 213, CAT3 = 12
CAT1     results: Pass: 24      Fail: 0         Manual: 3
         results: Pass: 88.88%  Fail: 0%        Manual: 11.11%
CAT2     results: Pass: 182     Fail: 3         Manual: 28
         results: Pass: 85.44%  Fail: 1.40%     Manual: 13.14%
CAT3     results: Pass: 6       Fail: 0         Manual: 6
         results: Pass: 50.00%  Fail: 0%        Manual: 50.00%
Total by results: Pass: 212     Fail: 3         Manual: 37 
Weighted results: Pass: 84.12%  Fail: 1.19%     Manual: 14.68% 
==========================================================

Following are examples of running the STIG scripts in the Verify and Secure modes.

Both secure and verify modes of STIG classify the severity of the STIG rules as SEV1 - Severity-1 STIG rules, SEV2 - Severity-2 STIG rules, SEV3-Severity-3 STIG rules.

To verify and secure your Oracle Database Appliance system with STIG compliance, select the option 3 when you run the STIG command in both Verify and Secure modes.

To verify and secure your Oracle Database Appliance system with STIG-compliant rules based on severity, specify 1 for verifying SEV1 - Severity-1 STIG rules, specify 2 for verifying SEV2 - Severity-2 STIG rules, specify 3 for verifying SEV3-Severity-3 STIG rules, and specify A for verifying STIG rules of all severities. Following are examples of running the STIG scripts.

Example 2-3 Running STIG Scripts in the Verify Mode

$ ./RunSTIG

Initializing tests.....

******** WARNING    WARNING    WARNING    WARNING    WARNING *********

                    Oracle Linux 7 Security Scripts The Oracle Linux Security Scripts (OLSS) are a tool designed to assist in creation and deployment of secured Oracle Linux 7 Operating Environment systems.
The OLSS is comprised of a set of scripts and directories.

DISCLAIMER OF WARRANTIES:  THE OLSS IS OFFERED  "AS IS" AND "WITH ALL FAULTS" AND WITHOUT WARRANTY OF ANY KIND WHATSOEVER. ORACLE DISCLAIMS, AND USERS OF THE OLSS WAIVE, ANY AND ALL EXPRESS OR IMPLIED WARRANTIES AND REPRESENTATIONS, INCLUDING BUT NOT LIMITED TO ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NONINFRINGEMENT.
THE OLSS IS TO BE USED AT YOUR OWN RISK.

NO LIABILITY:  IN NO EVENT SHALL ORACLE BE LIABLE FOR ANY DIRECT, INDIRECT, PUNITIVE, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGE IN CONNECTION WITH OR ARISING OUT OF THE USE OF THE OLSS (INCLUDING, BUT NOT LIMITED TO, LOSS OF BUSINESS, REVENUE, PROFITS, USE, DATA, OR OTHER ECONOMIC ADVANTAGE) HOWEVER IT ARISES, WHETHER FOR BREACH OR IN TORT, EVEN IF ORACLE HAS BEEN PREVIOUSLY ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

I Have read and agree with the above Warning [y|n]: y

  **** Welcome to the Oracle Linux 7 STIG tool ****

This tool has two primary modes: Secure or Verify

Throughout this tool the answers in [] are the expected responses

Did you want to Secure or Verify? [Secure|Verify]:

**********************
When ‘Verify’ is chosen:
**********************
Did you want to Secure or Verify? [Secure|Verify]: Verify
Responded: Verify

Is "Verify" correct? (y/n): y
Responded: y

Oracle Linux 7 Security Scripts have 4 flavors:

1) SCAP             - The 177 DISA SCAP checks

2) Exadata or ZDLRA - The 177 DISA SCAP checks with the special
                       host_access_control command for them

3) ODA - All 252 STIG checks with ODA exceptions

4) Full - All 252 STIG checks

Did you want to run checks against [1|2|3|4]: 3
Responded: 3

Is "3" correct? (y/n): y
Responded: y
ODA set of STIG checks  will be run

Did you want to run checks against SEV1, SEV2, SEV3, All [1|2|3|A]:A
Responded: A

Is "A" correct? (y/n): y
Responded: y

   **** Beginning: Verify testing;  ****

Example 2-4 Running STIG Scripts in the Secure Mode

The Secure mode assigns severity of the STIG warnings: SEV1 - Severity-1 STIG rules, SEV2 - Severity02 STIG rules, SEV3-Severity-3 STIG rules.

$ ./RunSTIG

**** Welcome to the Oracle Linux 7 STIG tool ****

This tool has two primary modes: Secure or Verify

Throughout this tool the answers in [] are the expected responses

Did you want to Secure or Verify? [Secure|Verify]: Secure
Responded: Secure

Is "Secure" correct? (y/n): y
******** WARNING    WARNING    WARNING    WARNING    WARNING *********

   When running this tool to Secure the system, the tool will modify
   the running system - BE SURE to quiet the system during this time
   by shutting down all apps (web servers, databases, etc) first.

   If required, exit this program with a Control-c

   Reversing any of the changes made by the tool is completed manually
   by reading the contents of the log files that should show exactly
   what was changed and undoing the change.

******** WARNING    WARNING    WARNING    WARNING    WARNING *********


Oracle Linux 7 Security Scripts have 4 flavors:

1) SCAP             - The 177 DISA SCAP checks

2) Exadata or ZDLRA - The 177 DISA SCAP checks with the special
                       host_access_control command for them

3) ODA - All 252 STIG checks with ODA exceptions

4) Full - All 252 STIG checks

Did you want to run checks against [1|2|3|4]: 3
Responded: 3

Is "3" correct? (y/n): y
Responded: y
ODA set of STIG checks  will be run

Did you want to run checks against [1|2|3|4]: 3
Responded: 3

Is "3" correct? (y/n): y
Responded: y
ODA set of STIG checks  will be run

Did you want to run checks against SEV1, SEV2, SEV3, All [1|2|3|A]: A
Responded: A

Is "A" correct? (y/n): y
Responded: y

   **** Beginning: Secure testing;  ****

Example 2-5 Location of Logs

The list of files in the /opt/oracle/dcs/stig/ directory are as follows: 

[root@oda1 stig]# ls -la
total 128
drwx------.  8 3878  900  4096 Aug  4 11:55 .
drwxr-xr-x. 22 root root  4096 Aug  4 20:00 ..
drwx------.  2 3878  900  4096 Jul 27 13:24 01_Sev1 
drwx------.  2 3878  900 12288 Jul 27 13:24 02_Sev2 
drwx------.  2 3878  900  4096 Jul 27 13:24 03_Sev3 
drwx------.  2 3878  900  4096 Aug  3 10:25 04_Logs 
-rwx------.  1 3878  900 19716 Jul 27 13:24 .auto_answer 
-rwx------.  1 3878  900  9288 Jul 27 13:24 .Change_log 
-rwx------.  1 3878  900 16745 Jul 27 13:24 .control_01 
drwx------.  2 3878  900  4096 Jul 27 13:24 .files 
drwx------.  2 3878  900  4096 Jul 27 13:24 .messages 
-rwx------.  1 3878  900 13169 Jul 27 13:24 README 
-rwx------.  1 3878  900 19871 Jul 27 13:24 RunSTIG

Example 2-6 Secure and Verify Logs Summary

The file names for secure, verify, and the corresponding summary file names are given below. The Summary.Secure.timestamp file provides the status of compliance after hardening. The Summary.Verify.timestamp file provides the status of compliance before hardening. 

[root@oda1 stig]# pwd
/opt/oracle/dcs/stig/04_Logs
[root@scaoda813c1n2 04_Logs]# ls -la
total 48
drwx------. 2 3878 900 4096 Aug 31 07:47 .
drwx------. 9 3878 900 4096 Aug 31 07:47 ..
-rw------- 1 root root 14716 Aug 31 07:47 STIG.Secure.08_31_2021_07:47
-rw------- 1 root root 12884 Aug 31 07:47 STIG.Verify.08_31_2021_07:46
-rw------- 1 root root 1186 Aug 31 07:47 Summary.Secure.08_31_2021_07:47
-rw------- 1 root root 1186 Aug 31 07:47 Summary.Verify.08_31_2021_07:47

Parent topic: Security Features of Oracle Database Appliance

About Enabling CIS Benchmarks on Oracle Database Appliance

Understand about Center for Internet Security (CIS) Benchmarks for Oracle Database Appliance.

Center for Internet Security (CIS) Benchmarks are best practices for the secure configuration of a target system. They are consensus-based, best-practice security configuration guides developed and accepted by government, business, industry, and academia. The CIS Benchmarks are available for download at https://learn.cisecurity.org/benchmarks.

Center for Internet Security (CIS) Benchmarks support was available in earlier Oracle Database Appliance releases, but Oracle Database Appliance Release 19.12 does not support Center for Internet Security (CIS) Benchmarks currently.

Parent topic: Security Features of Oracle Database Appliance

Using Oracle ILOM for Secure Management

Oracle Integrated Lights-Out Management (Oracle ILOM) enables full out-of-band management, providing remote management capability for Oracle Database Appliance.

IPMI v2.0 and Collections of security controls and capabilities are necessary to properly secure individual applications and services. It is equally important to have comprehensive management capabilities to sustain the security of the deployed services and systems. Oracle Database Appliance uses the security management capabilities of Oracle ILOM.

Oracle ILOM is a service processor embedded in many Oracle Database Appliance components to perform out-of-band management activities. Oracle ILOM provides the following features:

  • Secure access to perform secure lights-out management of the database and storage servers. Access includes web-based access protected by Transport Layer Security (TLS), command-line access using Secure Shell, and SNMPv3 protocols.

  • Separate duty requirements using a role-based access control model. Individual users are assigned to specific roles that limit the functions that can be performed.

  • An audit record of all logins and configuration changes. Each audit log entry lists the user performing the action, and a timestamp. This allows organizations to detect unauthorized activity or changes, and attribute those actions back to specific users.

Parent topic: Security Features of Oracle Database Appliance