 |
|
Oracle Dataguard Encryption
Oracle Tips by Burleson |
2008
Update - For a complete
treatment of the topic of Oracle security on the web, see these
books and resources:
Real Time Apply
If a delay is defined on a destination, with
the DELAY attribute, and Real Time Apply is used, the delay is
ignored.
When, for any reason, the apply service is
unable to keep up, the apply service will automatically go to the
archive log files as needed. It will also try to catch up and go
back to reading the current standby redo log file as soon as
possible.
Authentication and Encryption
Data Guard log transport services can now use
authenticated network sessions to transfer redo data between the
members of a Data Guard configuration. If the Oracle Advanced
Security option is also installed, using encryption can increase
security further and integrity checksums on network transmission of
redo data.
Authentication is now required for all redo
shipments. The remote_login_passwordfile parameter must be
set to SHARED or EXCLUSIVE mode at all sites in the configuration.
The password for SYS must be identical at all databases.
In order to enable encryption of the redo
information, follow these requirements:
-
Install Oracle Advanced Security
option at both the primary and standby database.
-
Set up the appropriate sqlnet.ora parameters as documented in the Oracle Advanced
Security manual to allow Oracle Net to encrypt and integrity
checksum the redo traffic shipped to the standby.
Oracle documentation should be consulted for
information on setting up the encryption.
 |
|
Need an Oracle Health Check?
- Do you have
bad performance after an upgrade?
- Need to
certify that your database follows best practices?
BC Oracle performance gurus can quickly
certify every aspect of your
Oracle database and provide a complete verification that your database
is fully optimized. |
|
|
