Discussions
Categories
- 17.9K All Categories
- 3.4K Industry Applications
- 3.4K Intelligent Advisor
- 75 Insurance
- 537.7K On-Premises Infrastructure
- 138.7K Analytics Software
- 38.6K Application Development Software
- 6.1K Cloud Platform
- 109.6K Database Software
- 17.6K Enterprise Manager
- 8.8K Hardware
- 71.3K Infrastructure Software
- 105.4K Integration
- 41.6K Security Software
Databases availabity with single database firewall
Hi,
We are planning to add Oracle Audit Vault and Firewall (AVDF) to our production and non-production architecture.
We are not considering the resilient paired option. Thus, we will have 2 servers for AV and DFW on PROD and same in non-PROD.
Having said that, what happens if the DFW crashes or fails for any reason in this architecture?
Is it really a single point of failure in this case for all DBs?
Will the connections still pass though bypassing the DFW to the oracle DBs or that will be impacted?
Can we bypass the DFW at anytime for maintenance...etc?
Appreciate your input guys on this.
Thanks
Answers
-
Appreciate your input guys on the above. Thanks.
-
I am considering this product and have the same concerns. So far I have not found the answer in the documentation. Please update if you find an answer...I'll do the same.
Thanks
-
FYI..I found this in the Database Firewall Installation Guide for version 5.0:
In the unlikely event that an Oracle Database Firewall should fail, all traffic passes through, ensuring service continuity.
However, I have not found anything in the current Database Vault and Firewall 12c documentation that spells this out.
-
It is really disappointing to see such lack of info regarding such an important aspect that might affect business continuity. if the fail open NIC would do the job why it was not explained well and sufficiently in the relevant AVDF 12c Documentation !!?
I will also update here and share if I got some answers.
Still waiting hopefully on useful feedback here by either Oracle guys or people who has done it.