O121-BP-023000 - Connections by mid-tier web and application systems to the Oracle DBMS from a DMZ or external network must be encrypted.

Information

Multi-tier systems may be configured with the database and connecting middle-tier system located on an internal network, with the database located on an internal network behind a firewall and the middle-tier system located in a DMZ. In cases where either or both systems are located in the DMZ (or on networks external to DoD), network communications between the systems must be encrypted.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Configure communications between the DBMS and remote applications/application servers to use DoD-approved encryption.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Database_12c_V3R1_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CAT|II, CCI|CCI-000366, Rule-ID|SV-219841r961863_rule, STIG-ID|O121-BP-023000, STIG-Legacy|SV-75937, STIG-Legacy|V-61447, Vuln-ID|V-219841

Plugin: OracleDB

Control ID: 534223ac07651dabb2e0443dac6daac116d886bb1bbea2c4d2c0cd14dc19d485