Request for DNS Address to be Added to Outbound Allow List

The customer or system integrator can request a DNS (Domain name service) name to be added in the allow list for outbound interface communication. An allow list provides access to specified DNS addresses that the Oracle network would otherwise prevent access to. For Oracle Utilities cloud services, a customer or system integrator must request a DNS to be added to allow list for outbound communication to all external systems. This section describes the process to for customers or system integrators to request a DNS allow list.

Request Specification

• A single request to allow a named DNS or a list of named DNS will ensure allowing the same DNS in all customer environments. Customer need not to request per environment (Dev, Test, Prod).

Customer Obligations

• The customer must provide the named DNS OR URL along with the justification for its allowance.

• No wildcard (*) in DNS should be used. The full DNS must be provided.

• The SSL port 443 must be used.

• TLS / SSL Certificate should be issued by a trusted public certificate authority (Digicert, Symantec/VeriSign, Comodo, on so on)

• Certificate's name(s) must match the server / endpoint name.

• Installation of TLS / SSL Certificate should include complete authentication chain.

• Initial and ongoing expiry / validation of TLS / SSL Certificate of the endpoint.

• Support minimum of TLS 1.2.

• Multiple DNS Lists can be requested via a single My Oracle Support (MOS) Service Request.

• The customer must maintain a record of what is being requested for the allow list. Oracle doesn't provide this record.

Note: Customers may use TLS / SSL validation tools such as openssl, TLS / SSL verification websites (such as https://www.ssllabs.com/ or others) to validate the compliance requirements mentioned above.

Oracle Cloud Operations Team Obligations

• Acknowledge and schedule the execution of the service request

• Submit the ticket with internal security team for approval

• Coordinate with Infrastructure teams (if needed) for completion of the service request

• Communicate the status upon completion of the service request

Service Level Objective

• Advanced Notice: 7 business days

• Acknowledge/Schedule: 2 business days

• Execution Time: 2 business days

• Outage Expected: No