Hello EPA,
Marvel auburn
On Sat, Dec 10, 2022 at 9:36 AM EPA <epanosian@xxxxxxxxx> wrote:
Hello,
thank you. I was aware of the SQLNET.ora file, but in my case, there are
other databases using the same Oracle home. If I set ENCRYPTION_SERVER=
REQUIRED, it will impact other clients and if I set up ENCRYPTION_SERVER=
ACCEPTED or REQUESTED, then the target application (client) may/not use
encryption.
Any comments?
EPA
On Fri, Dec 9, 2022 at 9:05 AM Marián Bednár <marian.bednar@xxxxxxxxx>
wrote:
Hi,
Here is the basic description of two encrypting concepts.
Native encryption is easy to configure (transparent for clients) but for
some security officers it hasn't to be perfect.
https://questoraclecommunity.org/learn/blogs/oracle-database-network-encryption-native-vs-tls-ssl/
Oracle docs:
https://docs.oracle.com/en/database/oracle/oracle-database/19/dbseg/configuring-network-data-encryption-and-integrity.html
https://docs.oracle.com/en/database/oracle/oracle-database/19/dbseg/configuring-secure-sockets-layer-authentication.html
Marian
pi 9. 12. 2022 o 14:45 EPA <epanosian@xxxxxxxxx> napísal(a):
Hello,
What are the requirements to set up encrypted protocols between
applications / Oracle (19c) databases. How to enforce the use of encrypted
protocols (i.e. SSL) to prevent eavesdropping or unauthorized modification
of data in-transit. Disable clear-text services where possible? Sqlnet.ora?
Anybody has done this? What are the cons/pros? What are the steps? What are
shoulds and shouldn'ts?
Thank you,
EPA
