By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
I am using a server as a proxy server to the actual Oracle 9i database. Our customer has requested that serveral tiers be established for the production database. Prior to the first tier, there will be a server that users will pass through to go to the tier that has the database. Each tier will have a firewall in between. The server that has the database will not have anything else running on it except the database. I'm not sure of the optimum way to set up the first server (pass through). Is there any special way to allow a user to log into the server and connect with the database server? Isn't this the same as using this first server as a client? Will it talk to the database via tnsnames and SQLNET? Am I on the right track?
Usually, the tiers you're describing are "middle tier" systems running application servers of some type. Your "first" server will likely be a web server where the application runs. It will make connections to the database (likely via JDBC or ODBC) which is on a different host. You should not need to configure these hosts any differently than normal except that you should pay special attention to securing the hosts and the installations since this is likely an internet-facing application. The application code is where there's the biggest chance for security vulnerabilities (SQL injection being the most common), so you may want to have an expert do a security review on your code before deployment.
Dig Deeper on Oracle database security
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.