8i | 9i | 10g | 11g | 12c | 13c | 18c | 19c | 21c | Misc | PL/SQL | SQL | RAC | WebLogic | Linux

Home » Misc » Here

Comments for Service-Level Access Control Lists (ACLs) - Database Service Firewall in Oracle Database 12c Release 2 (12.2)


Clam said...

Hi Tom, any information if this can be used with Enterprise Edition, or if it needs a special licence like Advanced Security ?

Tim... said...

Hi.

The Database Firewall is part of a combined license with Audit Vault. As far as I understand, this is covered by that separate license option, on top of EE. I've added a note about this to the article.

Cheers

Tim...

Ulrike (Oracle) said...

Tim, that has nothingto do with Database Firewall. See Database New Features Guide about Service-Level ACLs for TCP Protocol https://docs.oracle.com/en/database/oracle/oracle-database/12.2/newft/new-features.html#GUID-B10C0680-4BC9-4C6A-9FD3-0BC2E18F44FD or our German Posting in June about it: https://apex.oracle.com/pls/apex/germancommunities/dbacommunity/tipp/6101/index.html

Tim... said...

Hi.

OK. I'll remove that note. I can see a couple of other people, including Martin Berger, saying it's not part of that option. I'll remove that callout from the post.

Note. The post you link to doesn't mention this (at least after the Google translation).

Cheers

Tim...

Tim... said...

Clam : Seems I was wrong about this, so you are good to use it.

Cheers

Tim...

Alex said...

Hi Tom,

Any idea if ACLs can be enabled on standby as well?
I tried to replicate the DBMS_SFW_ACL_ADMIN to DR, but it only shows up dbsfwuser.ip_acl and not in v$ip_acl.
No connections will get through to DR as FIREWALL=ON seems to enforce security, but the ACLs do not get activated.

Thanks!

Tim... said...

Hi.

I really don't know. I think the best thing to do is to raise a SR on Oracle Support to ask about it.

Cheers

Tim...

DO NOT ask technical questions here! They will be deleted!

These comments should relate to the contents of a specific article. Constructive criticism is good. Advertising and offensive comments are bad and will be deleted!

If you post personal information (name, email address etc.) you are agreeing to them being stored and displayed. Feel free to remain anonymous.