Folks, We are running Oracle E-business suite (11.5.9/9.2.0.4) in a three-tier architecture. The database and concurrent processing is taking place on the database node. The application tier is hosting the forms server and the web server. The application is SSL enabled and therefore the traffic b/w the client browser and the middle-tier is being encrypted. We would like to encrypt the SQL*Net and JDBC traffic between the application and the database tiers to comply with the new security standards. Is there a way to implement this encryption without using Oracle's ASO ( advanced security option)? Has anyone in this list done it and would like to share their experience/thoughts with me. I would really appreciate any feedback. Thank you Amir -- //www.freelists.org/webpage/oracle-l