There are OS-level solutions that would negate the need to run ASO - like making an IPSec link between the app and the database servers, but that is probably more pain and overhead than it is worth. Thanks, Matt ________________________________ From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of Goulet, Richard Sent: Thursday, January 22, 2009 1:48 PM To: ganstadba@xxxxxxxxxxx; oracle-l@xxxxxxxxxxxxx Subject: RE: 10.2.0.4 secure sqlnet traffic between db and app server(jdbc) I do believe you are correct. Dick Goulet Senior Oracle DBA PAREXEL International 978.313.3426 information transmitted in this communication is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please destroy any copies, contact the sender and delete the material from any computer. ________________________________ From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of Michael McMullen Sent: Thursday, January 22, 2009 12:13 PM To: oracle-l@xxxxxxxxxxxxx Subject: 10.2.0.4 secure sqlnet traffic between db and app server(jdbc) 10.2.0.4 - linux I've never had to deal with this question before so forgive me if I'm a little confused. Do I need Oracle Advanced Security for network encryption between the db and the application server. The app server will be using jdbc thin driver. Thanks Mike