Oracle Network Data Integrity¶
Table of Contents
Introduction¶
Oracle Native Data Integrity is the preferred method of ensuring the integrity of data in transit for connections to Oracle for both Gluent Offload Engine and Sqoop or Spark components acting on behalf of Gluent Data Platform.
Tip
Network encryption (native network encryption, network data integrity, and SSL/TLS) and strong authentication services (Kerberos, PKI, and RADIUS) are no longer part of Oracle Advanced Security and are available in all licensed editions of all supported releases of Oracle Database.
Refer to the Database Security Guide in the Oracle Database Documentation for further details on the settings described here.
SQLNet Profile Configuration¶
Add the following to $ORACLE_HOME/network/admin/sqlnet.ora on all Oracle servers where Gluent Data Platform is installed:
SQLNET.CRYPTO_CHECKSUM_SERVER = ACCEPTED
SQLNET.CRYPTO_CHECKSUM_TYPES_SERVER = SHA1
Add the following to the $OFFLOAD_HOME/../sqlnet.ora file on all servers where Gluent Data Platform is installed:
SQLNET.CRYPTO_CHECKSUM_CLIENT = REQUIRED
SQLNET.CRYPTO_CHECKSUM_TYPES_CLIENT = SHA1
The above configuration ensures the Oracle instance accepts crypto-checksumming (integrity) connections when required by Gluent Data Platform connections but does not enforce it for other connections.
Update Gluent Environment File¶
Add the following line to offload.env if it is not already set:
export TNS_ADMIN=$OFFLOAD_HOME/..
Important
Any changes made to the Gluent Data Platform environment file (offload.env) must be propagated across all installations.