Information
The setting sqlnet.crypto_checksum_server=required requires that the connections to the database are encrypted through Oracle SQL*Net native encryption. The encryption setting implements data-in-transit encryption for the Oracle database connections. This setting is configured in the sqlnet.ora file on the database server.
Rationale:
Without this setting, malicious users could potentially eavesdrop on the database connections, compromising the confidentiality of the data.
Impact:
The setting sqlnet.encryption_server=required could reject/deny connection requests from those database users who don't support the Oracle native network encryption.
Solution
To remediate this recommendation:
Use a text editor such as vi to set:
sqlnet.crypto_checksum_server = required
Additional Information:
Oracle database network encryption configured through TLS/SSL is also an acceptable mechanism and may be implemented in lieu of this setting.