1 Oracle Database Vault Best Practices ORACLE WHITE PAPER MAY 2015
2 Table of Contents Executive Overview 2 Installation 3 Pre-Installation Notes 3 Separation of Duty 3 Separation of Duty Matrix 4 Oracle Database Administration 4 Oracle SYSTEM User 4 Oracle SYSDBA Access 4 ROOT and other Operating System Access 5 Naming Conventions 5 Defining Oracle Database Vault Realms 5 Planning Your Oracle Database Vault Protections 7 Post Installation Tasks 8 Appendix A Command Rule Tips 9 Appendix B Factor Tips 10 1 ORACLE DATABASE VAULT BEST PRACTICES
3 Executive Overview Oracle Database Vault provides powerful security controls for protecting applications and sensitive data. Oracle Database Vault prevents privileged users from accessing application data, restricts ad hoc database changes and enforces controls over who, when, where, and how application data can be accessed. Oracle Database Vault secures existing database environments transparently, eliminating costly and time consuming application changes. This paper provides best practices for rapid deployment of Oracle Database Vault protections to secure sensitive application data inside the database. It covers the following main topics:» Installation» Separation of Duty» Database Administration» Defining Oracle Database Vault Protections» Post Installation» Maintenance Considerations 2 ORACLE DATABASE VAULT BEST PRACTICES
4 Installation Starting with Oracle Database 12c, Oracle Database Vault is installed by default but not enabled. Customers can enable it using DBCA or from the command line using SQL*Plus in a matter of minutes. Oracle Database Vault can be enabled in existing environments where Oracle and third party applications are already installed. Subsequent installation of new applications or patching require Oracle Database Vault DV_PATCH_ADMIN role to be granted to the user doing the installation or patching. Pre-Installation Notes During the enablement process, DBCA provides the ability to create an account management responsibility. Oracle recommends creating this responsibility to provide enhanced separation of duties between Oracle Database Vault administration, database account management, and the DBA responsibilities. Customers can use Oracle Enterprise Manager Cloud Control 12c to manage Oracle Database Vault. Separation of Duty Separation of duty has taken on increased importance over the past 10 years. For many organizations separation of duty is a new concept that continues to evolve. Database consolidation, regulatory compliance and outsourcing are just a few of the drivers for increased separation of duty. Database Vault separation of duty strengthens security by separating out security related administration from day to day DBA operations. Database Vault allows organizations to tailor their Database Vault separation of duty implementation to easily adapt to current and future business requirements. Small organizations, in particular, need flexibility as they attempt to increase their security profile with limited resources. Before separation of duty can be successful, it is important to understand who performs basic administration tasks in your environment and what those administration tasks are. Even if a single DBA is responsible for managing both new database account provisioning and application patching, these individual tasks are important to document and plan for. Using separate administration accounts for these types of tasks provides increased accountability and reduces associated risks. In midsize to large organizations database administrators typically need to perform common administration tasks but they don t need access to business data managed by the application. Creating a matrix for your separation of duty can be a helpful exercise when planning your Database Vault deployment. Additional tasks and associated users can be added to this list. This information should become part of the overall enterprise security documentation for your organization. 3 ORACLE DATABASE VAULT BEST PRACTICES
5 Separation of Duty Matrix User, Process or Application Account Creation Database Administration Security Administration SYSDBA Backup Tuning Patching Monitoring MarySmith X X HirotoSato X EmmaSchmidt X MiguelSilva X FatmaYilmaz X SYSTEM RMAN X X Table 1 Example Separation of Duty Matrix In some cases, some of the system management tasks might require temporary access to data through specific tools and programs. Provisions for this temporary or emergency access need to be built into the Database Vault application protection rules. Oracle Database Administration Oracle recommends that customers who use the Oracle SYSTEM account for general DBA purposes create named DBA accounts for their database administrators. Doing so will provide increased accountability for administrative actions in the database. Oracle SYSTEM User Many applications developed in the past have used the Oracle user account SYSTEM for holding some application tables. It may be necessary to add the SYSTEM account to your Realm authorizations for some applications to continue working normally. Note that restrictions can be placed on the SYSTEM account to increase security in these scenarios. For example, an Oracle Database Vault rule set could be used to restrict connections as the SYSTEM user to specific IP addresses. Oracle SYSDBA Access Oracle recommends strictly limiting connections using the SYSDBA role. Only connect to the database using the SYSDBA role when absolutely necessary and for those applications that still require SYSDBA connections, such as Oracle RMAN and mandatory patching processes. For all other cases, create named database accounts to perform daily database administration. In the future, Oracle will be eliminating the requirement to connect as SYSDBA for any activity. 4 ORACLE DATABASE VAULT BEST PRACTICES
6 ROOT and other Operating System Access As noted in the Oracle Database Vault administrator's guide, Oracle Database Vault doesn't prevent highly privileged operating system users from directly accessing database files. For this kind of protection, Oracle s Transparent Data Encryption is recommended. Oracle recommends carefully reviewing and restricting direct access to the operating systems. Oracle recommends having personalized accounts to access the operating system. These personalized accounts should, in the Linux or UNIX environments, do sudo to the oracle software owner when needed. And with sudo you control which specific command each personalized user can execute. Naming Conventions Using a consistent and good naming convention when creating Database Vault security policies helps security administrators, auditors, and business users better understand what is being protected and how the different security elements relate to each other. Use the following naming convention when creating Database Vault security policies: Realms Rule Sets Rules Factors» Use the protected application's name as the realm name» In the realm description, describe the business objective of the given application protection and document all other security policies the compliment the realm's protection. You also need to document who is authorized to the realm, for what purpose, and any possible emergency authorizations.» Start the name with a noun and complete it with the realm or command rule name the rule set will be attached to» Document the business requirement of the rule set in the description field» Start the name with a verb and complete the name with the purpose of the rule» Rules don't have a description field, so make the name explicit but be sure to go over 90 characters» Start the name with a noun and complete the name with a description of the derived value. Table 2 Naming Conventions Defining Oracle Database Vault Realms Upon installation, Oracle Database Vault creates four realms out-of-the-box. One of the default realms is called the data dictionary realm. Named administrators will need to be added to the Data Dictionary realm as owners or participants. While the Oracle SYSTEM account can be added as an authorized user to the Data Dictionary realm, Oracle discourages customers from using this generic database account. Oracle Database Vault realms can protect a single object or an entire application schema. In most cases protecting the entire application provides a simplified yet robust protection model. Once a realm has been created, multiple users can be authorized to access the realm. Database objects (accounts, roles...) can be authorized in multiple realms. Assigning Roles Realm Authorization Be mindful of the privileges currently allowed to a role that you plan to add as a realm authorization. Realm authorization of a role can be accidentally granted and not readily apparent because the creator of a database role is implicitly granted the role when the role is created. As a result, if an account such SYSTEM creates a role and the Oracle Database Vault administrator subsequently adds this role as a realm authorization, then the SYSTEM user 5 ORACLE DATABASE VAULT BEST PRACTICES
7 would implicitly be given access to the realm. This is because the account that creates a role is implicitly granted the role when it is created. As a best practice, always create realm specific roles as the realm owner. Realm Authorizations 1. Application Owner - The application owner typically corresponds to the schema containing the objects associated with the application. This user can be designated as the realm owner. Application servers typically connect to the application using the application owner account. In addition, server based batch jobs may connect to the application owner either directly or via a proxy connection. 2. Application Users - Application users usually authenticate to the middle tier and communicate with the backend database through a one-big user model. The one big user connection usually authenticates to the application owner. You can limit the application owner account access to the database through the middle tier processes and restrict the access to the middle tier servers IP addresses or host names. To accomplish this, the customer would need to create a Rule Set. In this Rule Set the customer would need to create rules that specify the application user, the middle tier processes he can connect through, and the IP address/s of the middle tier or the middle tier s computer name/s. After that, another rule need to be added to this Rule Set that evaluates to true if the connecting user is not the application user. The Rule Set Evaluation Options must be set to Any True. Once this is done, a Command Rule can be created for the CONNECT command and the Rule Set can be associated with it. You can refer to the Oracle Database Vault security policies published for PeopleSoft for an example of this. 3. Application DBA - this user can be added to the application Realm as a participant and associated with a Rule Set that allows him / her to perform all required patching and maintenance of the application while prohibiting him / her form doing SELECT on application data. This user can be further restricted by limiting his / her access to specific day of the week, time of the day, and or computer or subnet he uses to access the Database. Additional customer-specific restrictions can be added based on the customer s security requirements. Defining Oracle Database Vault Rules Sets Rule sets can be created that restrict access based on time, specific hosts, subnets or any other Database Vault factors supplied out-of-the-box. In addition, custom factors can be created using the Oracle Application Context.» Each authorized user can be associated with a different Database Vault Rule Set.» Each authorized user can be associated with a different Rule Set that specifies conditions and restrictions on access to the objects protected by the realm. Command Rules Oracle Database Vault Command Rules can be used to protect application objects from modification. For example, command rules can be used to place restrictions on the drop table command. Once created, the command rule can be associated with a Database Vault rule set that is called Disabled. For patching or maintenance operations the command rule can be edited and associated with a rule set called Enabled. A separate white paper has been published with a suggested list of such Command Rules that need to be created and is downloadable from OTN (Oracle Technology Network web site Rule sets provide an easy way to group individual rules together into a meaningful set. You can share rules among multiple rule sets. This lets you develop a library of reusable rule expressions. Oracle recommends that you design such rules to be discrete, single-purpose expressions. As a naming convention, name your rule starting with a verb and complete the name with the purpose of the rule. For example, to create a rule that allows connections coming from certain IP addresses, name the rule: Allow Connect from Middle Tier IP Addresses. Name Rule Sets starting with a noun and complete the name with the name of the Command Rule, Factor, or Realm authorization that it will be associated with. For example, the name for the rule set that will be associated with the SADM user s access to the Siebel Realm will be: Siebel SADM Realm Access. In the Rule Set Description field, document the business requirements that are accomplished by this Rule Set. 6 ORACLE DATABASE VAULT BEST PRACTICES
8 Oracle Database Vault factors can be leveraged in your rule expressions to provide powerful checks and also to increase overall security by eliminating the requirement to manually define context values inside Oracle. Quite simply, factors provide contextual information to use in your security rules expressions. You can use custom event handlers to extend Oracle Database Vault security policies to integrate external systems for error handling or alerting. The Oracle Database Vault Administrator s Guide shows how utility packages such as UTL_TCP, UTL_HTTP, UTL_MAIL, UTL_SMTP, or DBMS_AQ can be used to achieve this type of integration and do things like sending an alert. An example of sending an alert is documented in the Database Vault Administration Guide. It's important to test rule sets thoroughly. When testing some rule sets, it's especially important to have a separate simultaneous connection as the Database Vault security administrator. For example, if you create a rule set for the CONNECT operation, you may need to disable the rule set so that you can change or fix an issue. By having the Database Vault administrator logged in simultaneously you are still able to disable the rule set. Otherwise you might be locked out of the database by a faulty rule set. It's also important to test individual rules and rule sets in non-production or test environments before applying the rules to protect sensitive data. You can test rule expressions directly with the following SQL statement: SQL> SELECT SYSDATE from DUAL where [rule expression goes here]; You can nest rule expressions inside a single rule. This helps satisfy more complex situations where you would need a logical AND for a subset of rules and a logical OR with the rest of the rules. See section 5-8 in the Oracle Database Vault administrator's guide for an example. Planning Your Oracle Database Vault Protections Planning your protection is an important part of the Oracle Database Vault deployment. Oracle Database Vault Realms, Command Rules, Rule Sets, and Factors can be used with a high degree of granularity. However, knowing the middle tier connections, batch jobs and processes that interact with the application is important before moving forward. Understanding Your Application Architecture First, it's important to understand the basic architecture of the application you wish to protect. For example, are the objects associated with the application spread across multiple database schemas or are they contained in a single database schema? This analysis should include all objects related to application data including tables, views, materialized views, and stored procedures. Identify the programs, processes, middle tier connections, database users, and application administrators that interact with the application objects. Once this information is obtained, the Oracle Database Realm definitions can be created and you can authorize who should be able to access application data. Application end users typically access application data through the middle tier. Some legacy applications may still use the client server architecture where end users have their own account in the database. More sophisticated applications may have application specific processes that run on the server hosting the Oracle Database. Application Protection Matrix Creating an application protection matrix will reduce the chances of overlooking authorization requirements during Database Vault deployment. Figure 3.0 below shows the PeopleSoft protection matrix. The y-axis shows the protection type (Realm, Command Rule) and the x-axis shows the authorizations and their associated rule sets. This matrix can serve as example on how to create one for your own custom applications. 7 ORACLE DATABASE VAULT BEST PRACTICES
9 Protection Type Authorized with Rule Set PeopleSoft Realm Owner Owner No Access No Access Select Command Rule Limit PSFTDB Rule Set No Access No Access Connect Command Rule PeopleSoft Access Rule Set No Access No Access Drop Tablespace Command Rule Disabled Rule Set Disabled Rule Set Disabled Rule Set Disabled Rule Set Table 3 Example PeopleSoft Protection Matrix Post Installation Tasks Document Documenting your security policies is important for demonstrating control processes to both internal and external auditors as well as providing operational continuity. Consideration should be given to documenting the following: Processes and procedures Database accounts SYSTEM access SYSDBA Reporting Emergency procedures» Backup» Patching» Tuning and monitoring» Purpose» Production status» SYSDBA access» When should SYSTEM be used» When should SYSDBA be used» Report names» Report frequency» Report distribution» When should security policies be disabled Table 4 Security Documentation Matrix Emergency Access In some cases it may be necessary to temporarily relax realm protections for an administrative task. Oracle recommends having the Security Manager (DV_ADMIN or DV_OWNER) log in, add the named account to the authorized accounts for the realm, and set the authorization rule set to Enabled. This approach is better than temporarily disabling the Realm because protections are still in place and the new authorizations have been limited. Then in the enabled rule set, turn on all auditing for the rule set. You can remove the realm authorization when the administrative task is complete. This case also applies to emergency situations and sometimes commonly called Break the Glass scenario. Customers can also use Mandatory Realms to setup protection around very sensitive tables that should be protected even during maintenance. A Mandatory Realm can be set and enabled around these tables and can be disabled once the maintenance and emergency access is finished. 8 ORACLE DATABASE VAULT BEST PRACTICES
10 Appendix A Command Rule Tips Following these guidelines for configuring command rules:» Create finer-grained command rules, because they are far easier to maintain. For example, if you want to prevent SELECT statements from occurring on specific schemas, design the command rule to stop the SELECT statement on the specific schema or table versus blocking SELECT statements in all cases.» When designing rules for the CONNECT event, be careful to include logic that does not inadvertently lock out the Oracle Database Vault Owner or Administrator. If the rule set associated with the CONNECT command rule blocks all sessions you will need to disable Oracle Database Vault and disable the associated rule set then enable Database Vault again, before being able to work again on designing the right rule set. See "Enabling and Disabling Oracle Database Vault" in Appendix B of the Oracle Database Vault administrator's guide for more information.» Sometimes you need to temporarily relax an enabled command rule for an administrative task. Rather than disabling the command rule, have the Security Manager (the account with the DV_ADMIN or DV_OWNER role) log in, set the rule set to Enabled, turn on Auditing on Success or Failure for the Enabled rule set, and then set the command rule back to its original rule set when the task is complete.» When designing Command Rules, be careful to consider automated processes such as backup where these procedures may be inadvertently disabled. You can account for these tasks by creating rules that allow the command when a series of Oracle Database Vault factors is known to be true, for example, the program being used, and the account being used or the computer or network on which the client program is running. 9 ORACLE DATABASE VAULT BEST PRACTICES
11 Appendix B Factor Tips Follow these guidelines for configuring factors:» Do not specify a retrieval method if the factor identification is set to Identified By Factors.» Retrieval methods are only needed if you set the factor to By Method or By Constant.» Consider using a validation method if a factor has an assignment rule set. Doing so helps to verify that invalid identities are not submitted.» Only specify an evaluation option of By Access if the value returned by the retrieval method could change from one invocation to the next in the same session, for example, time-based factors.» Optimize the internal logic of a function used for the factor retrieval method using traditional SQL and PL/SQL optimization techniques. For more information about performance and optimization, see Oracle Database Performance Tuning Guide.» If the discrete values returned by the retrieval method are known, be sure to define identities for each value so that you can assign trust levels for them. Trust levels add value to factors as you also can use the trust level in application logic based on factors.» A security policy based on more than one factor stronger than one based on fewer factors. You can create a new factor that is identified by other factors to store combinations of factors into logical grouping using identity maps. Client-supplied factors can only be trusted when the client software is trusted and the communications channel from the client software is known to be secure. Using multi-factor authorization dramatically increases the level of security.» You can design a database client application to pass one or more security, end-user, or environmental attributes so that they are available to an associated database session. To do this, create a single factor for each attribute and then use an assignment rule set to control when these attributes can be assigned, for example only when using a specific Web application on specified named application server computers. Oracle Database Vault factors when used in this fashion are very much like the Oracle procedure DBMS_SESSION.SET_IDENTIFIER but also include a capability to control when they can be set. For more information about the DBMS_SESSION package, see Oracle Database PL/SQL Packages and Types Reference. 10 ORACLE DATABASE VAULT BEST PRACTICES
12 Oracle Corporation, World Headquarters 500 Oracle Parkway Redwood Shores, CA 94065, USA Worldwide Inquiries Phone: Fax: CONNECT WITH US blogs.oracle.com/oracle facebook.com/oracle twitter.com/oracle oracle.com Copyright 2015, Oracle and/or its affiliates. All rights reserved. This document is provided for information purposes only, and the contents hereof are subject to change without notice. This document is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including implied warranties and conditions of merchantability or fitness for a particular purpose. We specifically disclaim any liability with respect to this document, and no contractual obligations are formed either directly or indirectly by this document. This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners. Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group.0115 Oracle Database Vault Best Practices May 2015
Oracle Database Vault DBA Administrative Best Practices ORACLE WHITE PAPER MAY 2015 Table of Contents Introduction 2 Database Administration Tasks Summary 3 General Database Administration Tasks 4 Managing
Creating Custom Project Administrator Role to Review Project Performance and Analyze KPI Categories Worked Example ORACLE PPM CLOUD SERVICES SOLUTION OVERVIEW MAY 2018 Disclaimer The following is intended
An Oracle White Paper September 2012 Security and the Oracle Database Cloud Service 1 Table of Contents Overview... 3 Security architecture... 4 User areas... 4 Accounts... 4 Identity Domains... 4 Database
Oracle Database Vault with Oracle Database 12c ORACLE WHITE PAPER MAY 2015 Table of Contents Introduction 1 Controls for Privileged Accounts 2 Privilege User Access Controls on Application Data with Realms
Generate Invoice and Revenue for Labor Transactions Based on Rates Defined for Project and Task O R A C L E P P M C L O U D S E R V I C E S S O L U T I O N O V E R V I E W D E C E M B E R 2017 Disclaimer
Oracle Data Masking and Subsetting Frequently Asked Questions (FAQ) S E P T E M B E R 2 0 1 6 Product Overview Q: What is Data Masking and Subsetting? A: Data Masking or Static Data Masking is the process
Oracle CIoud Infrastructure Load Balancing Connectivity with Ravello O R A C L E W H I T E P A P E R M A R C H 2 0 1 8 Oracle Cloud Infrastructure Ravello Cloud Service Oracle Cloud Infrastructure Ravello
Oracle Database 10g Release 2 Database Vault - Restricting the DBA From Accessing Business Data An Oracle White Paper August 2006 Oracle Database Vault Overview Oracle Database Vault enables you to Restrict
Oracle Cloud Applications Oracle Transactional Business Intelligence BI Catalog Folder Management Release 11+ ORACLE WHITE PAPER November 2017 ORACLE WHITE PAPER November 2017 Table of Contents Introduction
AUGUST 6, 2018 DISCLAIMER The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment
An Oracle White Paper: November 2011 Installation Instructions: Oracle XML DB XFILES Demonstration Table of Contents Installation Instructions: Oracle XML DB XFILES Demonstration... 1 Executive Overview...
Veritas NetBackup and Oracle Cloud Infrastructure Object Storage ORACLE HOW TO GUIDE FEBRUARY 2018 0. Disclaimer The following is intended to outline our general product direction. It is intended for information
Oracle DIVArchive Storage Plan Manager Feature Description ORACLE TECHNICAL WHITE PAPER UPDATED MAY 2015 Introduction: What Is a Storage Plan? Storage plans are policies managing the lifecycle of objects
Tutorial on How to Publish an OCI Image Listing Publish an OCI Image Listing F13637-01 JANUARY 2019 DISCLAIMER The following is intended to outline our general product direction. It is intended for information
JD Edwards EnterpriseOne Licensing Disabling Client Licensing for Various Tools Releases O R A C L E W H I T E P A P E R O C T O B E R 2 0 1 5 Disclaimer The following is intended to outline our general
Oracle Grid Infrastructure 12c Release 2 Cluster Domains O R A C L E W H I T E P A P E R N O V E M B E R 2 0 1 7 Table of Contents Introduction 2 Clustering with Oracle Clusterware 12c Release 2 3 Oracle
Loading User Update Requests Using HCM Data Loader Oracle Fusion Human Capital Management 11g Release 11 (11.1.11) Update 8 O R A C L E W H I T E P A P E R N O V E M B E R 2 0 1 7 Table of Contents Loading
ERP CLOUD Subledger Accounting ing Journals s Oracle Financials for EMEA Table of Contents 1. Purpose of the document 3 2. Assumptions and Prerequisites 3 3. Feature Specific Setup 4 Implementation 4 Assign
October 2017 Oracle Application Express Statement of Direction Disclaimer This document in any form, software or printed matter, contains proprietary information that is the exclusive property of Oracle.
Oracle Secure Backup Getting Started with Cloud Storage Devices O R A C L E W H I T E P A P E R F E B R U A R Y 2 0 1 8 Disclaimer The following is intended to outline our general product direction. It
Oracle Database Security Assessment Tool With data breaches growing every day along with the evolving set of data protection and privacy regulations, protecting business sensitive and regulated data is
Oracle Data Provider for.net Microsoft.NET Core and Entity Framework Core O R A C L E S T A T E M E N T O F D I R E C T I O N F E B R U A R Y 2 0 1 8 Disclaimer The following is intended to outline our
Oracle Enterprise Performance Reporting Cloud What s New in September 2016 Release (16.09) August 2016 TABLE OF CONTENTS REVISION HISTORY... 3 OVERVIEW... 4 Give Us Feedback... 4 RELEASE FEATURE SUMMARY...
Siebel CRM Applications on Oracle Ravello Cloud Service ORACLE WHITE PAPER AUGUST 2017 Oracle Ravello is an overlay cloud that enables enterprises to run their VMware and KVM applications with data-center-like
A Joint Oracle Teradata White Paper September 2011 Configuring Oracle Business Intelligence Enterprise Edition to Support Teradata Database Query Banding Introduction... 1 Step 1. Query Band Configuration
April 2013 Understanding Federated Single Sign-On (SSO) Process Understanding Federated Single Sign-On Process (SSO) Disclaimer The following is intended to outline our general product direction. It is
Using the Oracle Business Intelligence Publisher Memory Guard Features August 2013 Contents What Are the Memory Guard Features?... 3 Specify a maximum data sized allowed for online processing... 3 Specify
Repairing the Broken State of Data Protection April 2016 Oracle s modern data protection solutions address both business continuity and disaster recovery, reducing IT costs and simplifying data protection
Oracle Grid Infrastructure Cluster Domains O R A C L E W H I T E P A P E R F E B R U A R Y 2 0 1 8 Table of Contents Introduction 1 Clustering with Oracle Clusterware 3 Oracle Grid Infrastructure Architectures
Automatic Data Optimization with Oracle Database 12c O R A C L E W H I T E P A P E R S E P T E M B E R 2 0 1 7 Table of Contents Disclaimer 1 Introduction 2 Storage Tiering and Compression Tiering 3 Heat
Deploying Custom Operating System Images on Oracle Cloud Infrastructure O R A C L E W H I T E P A P E R M A Y 2 0 1 8 Table of Contents Purpose of This White Paper 3 Scope and Assumptions 3 Access Requirements
An Oracle White Paper December, 3 rd 2014 Oracle Metadata Management v220.127.116.11.1 Oracle Metadata Management version 18.104.22.168.1 - December, 3 rd 2014 Disclaimer This document is for informational purposes.
Oracle Fusion Configurator Configurator Modeling Walk Through O R A C L E W H I T E P A P E R M A R C H 2 0 1 8 Table of Contents Introduction 1 Assumptions 1 Product Information Management Setup 2 Item
Load Project Organizations Using HCM Data Loader O R A C L E P P M C L O U D S E R V I C E S S O L U T I O N O V E R V I E W A U G U S T 2018 Disclaimer The following is intended to outline our general
RAC Database on Oracle Ravello Cloud Service O R A C L E W H I T E P A P E R A U G U S T 2017 Oracle Ravello is an overlay cloud that enables enterprises to run their VMware and KVM applications with data-center-like
Oracle Flashback Data Archive (FDA) O R A C L E W H I T E P A P E R M A R C H 2 0 1 8 Table of Contents Disclaimer 1 Introduction 2 Tracking/Viewing Changes is Complicated 3 Enabling Flashback Data Archive
Oracle JD Edwards EnterpriseOne Object Usage Tracking Performance Characterization Using JD Edwards EnterpriseOne Object Usage Tracking ORACLE WHITE PAPER JULY 2017 Disclaimer The following is intended
Deploying the Zero Data Loss Recovery Appliance in a Data Guard Configuration ORACLE WHITE PAPER MARCH 2018 Table of Contents Introduction 1 Overview 2 Prerequisites 2 Deploying Recovery Appliances with
Oracle Cloud Infrastructure Virtual Cloud Network Overview and Deployment Guide ORACLE WHITEPAPER JANUARY 2018 VERSION 1.0 Table of Contents Purpose of this Whitepaper 1 Scope & Assumptions 1 Virtual Cloud
An Oracle White Paper February 2012 Benefits of an Exclusive Multimaster Deployment of Oracle Directory Server Enterprise Edition Disclaimer The following is intended to outline our general product direction.
Deploy VPN IPSec Tunnels on Oracle Cloud Infrastructure White Paper September 2017 Version 1.0 Disclaimer The following is intended to outline our general product direction. It is intended for information
Oracle Financial Services Regulatory Reporting for US Federal Reserve Lombard Risk Integration Pack Installation Guide Release 22.214.171.124.0 July 2017 Executive Summary This document includes the necessary
An Oracle White Paper September 2010 Handling Memory Ordering in Multithreaded Applications with Oracle Solaris Studio 12 Update 2: Part 2, Memory Introduction... 1 What Is Memory Ordering?... 2 More About
ORACLE DATABASE LIFECYCLE MANAGEMENT PACK ORACLE DATABASE LIFECYCLE MANAGEMENT PACK KEY FEATURES Auto Discovery of hosts Inventory tracking and reporting Database provisioning Schema and data change management
An Oracle White Paper September 2009 Methods for Upgrading to Oracle Database 11g Release 2 Introduction... 1 Database Upgrade Methods... 2 Database Upgrade Assistant (DBUA)... 2 Manual Upgrade... 3 Export
Oracle Warehouse Builder 10g Release 2 Integrating Packaged Applications Data June 2006 Note: This document is for informational purposes. It is not a commitment to deliver any material, code, or functionality,
Bastion Hosts Protected Access for Virtual Cloud Networks O R A C L E W H I T E P A P E R F E B R U A R Y 2 0 1 8 Disclaimer The following is intended to outline our general product direction. It is intended
An Oracle White Paper September 2010 Upgrade Methods for Upgrading to Oracle Database 11g Release 2 Introduction... 1 Database Upgrade Methods... 2 Database Upgrade Assistant (DBUA)... 2 Manual Upgrade...
Oracle Database 12c: JMS Sharded Queues For high performance, scalable Advanced Queuing ORACLE WHITE PAPER MARCH 2015 Table of Contents Introduction 2 Architecture 3 PERFORMANCE OF AQ-JMS QUEUES 4 PERFORMANCE
Oracle Business Activity Monitoring 12c Best Practices ORACLE WHITE PAPER DECEMBER 2015 Disclaimer The following is intended to outline our general product direction. It is intended for information purposes
An Oracle White Paper October 2013 Deploying and Developing Oracle Application Express with Oracle Database 12c Disclaimer The following is intended to outline our general product direction. It is intended
PeopleSoft Fluid Navigation Standards Fluid User Experience ORACLE WHITE PAPER OCTOBER 2015 Disclaimer The following is intended to outline our general product direction. It is intended for information
Migrating VMs from VMware vsphere to Oracle Private Cloud Appliance 2.3.1 O R A C L E W H I T E P A P E R O C T O B E R 2 0 1 7 Table of Contents Introduction 2 Environment 3 Install Coriolis VM on Oracle
ACSLS Manager Software Overview and Frequently Asked Questions Overview Management of distributed tape libraries is both timeconsuming and costlyinvolving multiple libraries, multiple backup applications,
Establishing secure connections between Oracle Ravello and Oracle Database Cloud O R A C L E W H I T E P A P E R N O V E M E B E R 2 0 1 7 Table of Contents APPLICATION ARCHITECTURE OVERVIEW 2 CONNECTING
An Oracle White Paper June 2011 Oracle Service Registry - Oracle Enterprise Gateway Integration Guide 1 / 19 Disclaimer The following is intended to outline our general product direction. It is intended
Improve Data Integration with Changed Data Capture An Oracle Data Integrator Technical Brief Updated December 2006 Improve Data Integration with Changed Data Capture: An Oracle Data Integrator Technical
Oracle Financial Consolidation and Close Cloud What s New in the November Update (16.11) November 2016 TABLE OF CONTENTS REVISION HISTORY... 3 ORACLE FINANCIAL CONSOLIDATION AND CLOSE CLOUD, NOVEMBER UPDATE...
Oracle JD Edwards EnterpriseOne Object Usage Tracking Performance Characterization Using JD Edwards EnterpriseOne Object Usage Tracking ORACLE WHITE PAPER NOVEMBER 2017 Disclaimer The following is intended
Oracle Privileged Account Manager Disaster Recovery Deployment Considerations O R A C L E W H I T E P A P E R A U G U S T 2 0 1 5 Disclaimer The following is intended to outline our general product direction.
Pricing Cloud: Upgrading to R13 - Manual Price Adjustments from the R11/R12 Price Override Solution O R A C L E W H I T E P A P E R A P R I L 2 0 1 8 Disclaimer The following is intended to outline our
An Oracle White Paper January 2013 Oracle Hyperion Planning on the Oracle Database Appliance using Oracle Transparent Data Encryption Executive Overview... 3 Introduction... 3 Hyperion Planning... 3 Oracle
TABLE OF CONTENTS DOCUMENT HISTORY 3 UPDATE 18A 3 Revision History 3 Overview 3 Order Management 4 Test to Production Rule Migration 4 Pricing 4 Improve Price List Import 4 Manage Pricing Rules and Pricing
Technical Upgrade Guidance SEA->SIA migration Oracle Siebel Customer Relationship Management Applications Siebel Industry-Driven CRM November 2011 This document is intended to outline our general product
WebCenter Portal Task Flow Customization in 12c O R A C L E W H I T E P A P E R J U N E 2 0 1 7 Disclaimer The following is intended to outline our general product direction. It is intended for information
Oracle Enterprise Data Quality 126.96.36.199 New Features Overview Integrated Profiling, New Data Services, New Processors O R A C L E W H I T E P A P E R J U L Y 2 0 1 6 Table of Contents Executive Overview
Technical White Paper August 2010 Migrating to Oracle 11g Using Data Replicator Software with Transportable Tablespaces Migrating to Oracle 11g Using DRS with Transportable Tablespaces Contents Contents...
MySQL CLOUD SERVICE Propel Innovation and Time-to-Market The #1 open source database in Oracle. Looking to drive digital transformation initiatives and deliver new modern applications? Oracle MySQL Service
An Oracle White Paper October 2012 Release Notes - V188.8.131.52.0 Oracle Utilities Application Framework Introduction... 2 Disclaimer... 2 Deprecation of Functionality... 2 New or Changed Features... 4 Native
JD Edwards EnterpriseOne User Experience K E Y F E A T U R E S A N D B E N E F I T S Highly interactive interface that leverages Dynamic HTML and provides immediate feedback to the user. UX One role-based
Oracle Database Lite Automatic Synchronization White Paper An Oracle White Paper August 2008 Oracle Database Lite Automatic Synchronization White Paper OVERVIEW Oracle Database Lite allows field workers
Increasing Network Agility through Intelligent Orchestration The Oracle Communications Application Orchestrator advantage ORACLE WHITE PAPER OCTOBER 2015 Table of Contents Introduction 1 Network Virtualization
How to Monitor Oracle Private Cloud Appliance with Oracle Enterprise Manager 13c O R A C L E W H I T E P A P E R J U L Y 2 0 1 8 Introduction 2 Configuration of Oracle Enterprise Manager 13c to discover
Overview Faced with ever increasing computing needs and budget constraints, companies today want to set up infrastructures that offer optimal value, can easily be re-purposed, and have reduced complexity.
Oracle Communications Interactive Session Recorder and Broadsoft Broadworks Interoperability Testing Technical Application Note Disclaimer The following is intended to outline our general product direction.