References-
1. Creating
Duplicate database in RMAN using password-mode encrypted backups (Doc ID
464832.1)
Objective –
1. RMAN
backups on NAS are at risk and can be copied easily on intranet.
2. They
can be restored, and critical information can be fetched easily.
3. Encryption
of these backups is need of the hour.
4. Need
to find a simple yet reliable solution to solve this security breach.
Security risk
Proposed Solution –
RMAN
backups are now password protected and we are safe even if backup files are
stolen. This feature of Oracle will stop hackers restore our backup files and
will ask for a password before restoring onto any other server.
Real-time sample Use-case
Complete
level-0 backup taken on Friday as highlighted – post estimation for s3 storage
When trying
to restore onto a different server(Stage in our case).
After setting
password, restore was successful.
Enabling password protection
Change
configuration parameter as follows and set password accordingly before starting
backup –
Now when
restoring, provide same password with set decryption configuration parameter.
This needs to
be done outside run block.
No comments:
Post a Comment