8 Replies Latest reply: Aug 20, 2012 1:22 PM by 956095

Security requirement for Oracle on AIX

956095 Newbie
Hello experts,

We are identifying options to enhance security for our infrastructure. We are currently using Oracle on AIX; the following are the version details.

IBM AIX, 6.1
Oracle Apps 11.5.10
Database: 10.g

The application is accessed only within the intranet and via VPN.

Will there be a requirement for an antivirus? If yes, are there any recommended products?
Will there be a requirement for a host intrusion detection system? If yes, are there any recommended products?

Are there any other recommendations that you would like to advise?

Thanks
  • 1. Re: Security requirement for Oracle on AIX
    929328 Newbie
    Hello, 953092,
    The information security problem is very important when using an intranet and, even more, when using VPS. Usually a VPS connection can give you good encryption, but when working with databases you can't totally rely on it.
    Let's answer your questions in parts:

    1) As for antivirus, I think you need it. You should use some products from Positive Technologies ( http://www.ptsecurity.com/ ). They have the MaxPatrol security complex and the SpiderGuard virus scanner. Choose what you want; they are both certified to work with Oracle.

    2) IDS is really useful and you may need it. As you are using IBM AIX, maybe you should use Real Secure Server Sensor from IBM ( http://www-03.ibm.com/systems/power/software/aix/security/solutions/iss.html ) or just use an open source IDS, SNORT ( http://www.snort.org/ ).

    If you have any questions, ask.
    Kirill Babeyev
  • 2. Re: Security requirement for Oracle on AIX
    956095 Newbie
    Hello Kirill.Babeyev,

    Thank you very much for your reply.

    I currently have a difference of opinion with the Oracle admin team, as they feel that antivirus is not required for the AIX OS.

    1) Are there any other AV products that you can recommend for Oracle database and application servers running on AIX?
    2) I have read in certain forums that AV is not recommended for database servers as it will have performance implications. The AV application will try to do an "on access scan" for all items being fetched during database transactions. What is your opinion?
    3) What is the performance implication on the database if host intrusion prevention is running on the server?
    4) Could you provide a real-time example (product name and version) of AV and HIDS running on servers running Oracle on AIX?
    5) Could you provide some useful document links regarding information security in Oracle?

    Regards,
  • 3. Re: Security requirement for Oracle on AIX
    Srini Chavali-Oracle Oracle ACE Director
    Antivirus is typically not required for Unix systems - they may interfere with how the database or the application operates.

    http://www-03.ibm.com/systems/power/software/aix/security/feature/antivirus.html

    HTH
    Srini
  • 4. Re: Security requirement for Oracle on AIX
    956095 Newbie
    Hello Srini,

    What measures would you suggest to provide the necessary security controls for Oracle running on AIX?

    Regards,
  • 5. Re: Security requirement for Oracle on AIX
    Srini Chavali-Oracle Oracle ACE Director
    Depends on what your business/technical requirements are. Antivirus is typically not deployed in Unix.

    HTH
    Srini
  • 6. Re: Security requirement for Oracle on AIX
    929328 Newbie
    Hi, 953092,
    Let's answer your questions in parts:
    1) The AV products for AIX OS: http://www-03.ibm.com/systems/power/software/aix/security/feature/antivirus.html
    http://www.symantec.com/region/jp/techsupp/enterprise/savf/30unix/aix.pdf
    http://www.trendmicro.com/cloud-content/us/pdfs/business/ebooks/eb_real-time-publishers-esapt.pdf

    Speaking about database AV, you should not run an anti-virus scanner on a database server. Virus scanners usually ruin the I/O of the server, because they access a file sequentially, but Oracle accesses files randomly.

    2) Yes. You've read the right forums. See above.

    3) They don't usually affect performance, but they have some disadvantages:
    a) False Alarms
    b) Limited ability to analyze the source information
    c) Encrypted packets are not processed by the intrusion detection software
    d) Provides information based on the network address that is associated with the IP packet that is sent into the network

    4) We don't have any complex product with AV and HIDS but you can use different products together.
    http://www-03.ibm.com/systems/power/software/aix/security/

    5) See here:
    http://www.oracle.com/us/products/database/056892.pdf
    http://www.oracle.com/technetwork/topics/security/whatsnew/index.html
    (Here are tons of security info from Oracle)

    If you have any questions, ask.
    Kirill Babeyev
  • 7. Re: Security requirement for Oracle on AIX
    956095 Newbie
    Hi Kirill Babeyev,

    Thank you for the response.
    1) I went through the 3 links you have provided. What I find is that they mention the AV requirement for specific usages of AIX (mail server / web server). The environment we are talking about is different from what these AV products are meant for. Correct me if I am wrong.
    a. Could you give a real-time example (something that you had worked on, or heard to have been in place) of an AV product used on AIX servers used as Oracle DB and App servers?
    b. Similarly, with regard to HIDS on AIX servers used as Oracle DB and App servers, could you give a real-time example (something that you had worked on, or heard to have been in place)?

    4) & 5) These links are very helpful, I will go through all these.

    Regards,
  • 8. Re: Security requirement for Oracle on AIX
    956095 Newbie
    Hello Srini,

    Thank you for the response.
    I will give a brief of the requirement. Let me know if you need more detail.
    The Oracle servers running the database and application are hosted internally. They are accessed from within the corporate network and through VPN. They do not run any security software to protect themselves from threats arising from internal sources or from a compromised PC connected via VPN. Since these servers run business applications, they are of utmost importance and should be provided adequate security controls.
    Following are the version information.
    IBM AIX, 6.1
    Oracle Apps 11.5.10
    Database: 10.g

    Regards,
