The Hunger Site

Monday, October 26, 2009

Security and Grid Control

A Senior Infrastructure Architect wrote:

"I am coming across distinct resistance towards using OEM Grid from those concerned with security around listener ports and data content - on a colocated management infrastructure (same data centre as the given databases)."

My reponse to this was:

"Any large corporate's security team does have quesions about Grid Control, but this is mainly due to lack of information. Grid Control is fully secure.

Firstly you can have the console protected by a security certificate (https), you can also have the traffic between the agent and the management service in https instead of http, and also it has two levels of security - first, the Grid control admin security (you have to create separate admins for target groups) and then the database login itself. The sysman password should be withheld from most users of Grid control.

If the security department wants tighter security, please recommend Oracle's Advanced Security Option which allow sql net encryption of all sql traffic and data encryption in the database. Regarding listener ports, you can password protect the listeners. Firewall needs to be opened up for certain other ports of Grid control.

We were using Grid Control in a large corporate site with more than 700 databases and found no issues.

Its a great product so do try to convince your security team. The benefits to the company are immense, and it also improves the life of the DBA teams - it leaves them with more quality time to do their senior DBA stuff, like architecture etc, instead of worrying about scripts for RMAN backups and the setup of Dataguard, or applying patches on multiple databases, which are just some examples of the many things automated by Grid Control. "


Wednesday, October 21, 2009

EM Desktop Widgets released

Rejeeb Mohammed, User Experience Designer in the EM User Experience Team has sent the following information:

I am so pleased to let you know that, EM grid control team has released the
first set of desktop widgets in oracle open world. EM Desktop Widgets are
lightweight internet applications ( built in Adobe's AIR environment) that
provide persistent desktop access to key Enterprise Manager monitoring and
diagnostic information.

There are 3 widgets available in the initial
release:

Target Search & Monitoring : This widget provides rapid
access to EM targets through quick and easy target searching. Also you can mark
targets as your favorites and monitor their status in real time.

High
Load DB : Provides a summary of the top 5 databases ordered by the Average
Active Sessions performance or load metric.

Service Level and
Monitoring: This widget provides a summary view of a set of services including
the service status and availability, and a status of SLA’s associated with the
service including any alerts.

I encourage you to download the widgets
from http://www.oracle.com/technology/products/oem/widgets/index.html,
and use them.

We absolutely need your feedback to determine what's good
and what's not with the current widgets. We will use this information to
determine the direction of future widgets.

Oracle Open World 2009


I visited Oracle Open World 2009 on invitation by Oracle. I had a press card due to this Enterprise Manager blog that I maintain. I met a number of fellow Oracle ACE directors such as Arup Nanda, Steven Feuerstein and so on.
I had a good look at the new Exadata V2 OLTP database machine from Oracle - the first machine to achieve over 1 million IOs (8K) per second in a single rack. Exciting stuff.


Disclaimer

Opinions expressed in this blog are entirely the opinions of the writers of this blog, and do not reflect the position of Oracle corporation. No responsiblity will be taken for any resulting effects if any of the instructions or notes in the blog are followed. It is at the reader's own risk and liability.

Blog Archive