Best Practice - Oracle Network thru Firewall

  • From: Tony Jambu <tjambu_freelists@xxxxxxxxxxxx>
  • To: Oracle-L@xxxxxxxxxxxxx
  • Date: Tue, 7 Mar 2006 01:15:34 +1100 (EST)

Hi all

Looking for best practice for allowing Oracle Network (functionality) 
thru a firewall.

Client wants to allow external clients to access information in the internal 
as well as internal client having access to databases in the DMZ.

                               Trusted Clients
                            DMZ       v
External --->  FW (ext) >-------->FW (Int)------>Internal dbs

               FW (ext) ----dbs<---FW (Int)<----- Int Users

basically client wants to access database in the DMZ 
and allow clients to access some information in the internal corporate database.

Other than explicitly allowing port say 1521 across the Internal FW to specific 
internal/DMZ servers, what other options are there?

1.  Oracle Connection Manager?
2.  Proxy servers (like 3rd party ODBC server)? 

Basically, what I am looking at is to stop someone from directly accessing the 
listeners at the servers.  (Yes the listeners have been hardened)

Any bright ideas or suggestions?  Your help is much appreciated.


On Yahoo!7
  Messenger: Make free PC-to-PC calls to your friends overseas. 

Other related posts: