Encrypt Red Hat OS that runs Oracle 11G

We currently have an Oracle 11G server that runs on the Red Hat 6 OS.  HIPPA requirements are forcing us to encrypt data at rest so we thought it would be easiest to use the OS encryption in Red Hat.  If the OS is encrypted, how does this affect Oracle?  can the encryption be turned on now or does it need to be enabled before Oracle is installed?
NytroZAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Seth SimmonsSr. Systems AdministratorCommented:
i've used trucrypt in the past and worked well though i wouldn't suggest it now since work on it ended a few months ago and could be insecure

dm-crypt/LUKS is also a method of encryption but can't be done with data already on the partition

not sure if it's an option for you, but you could build a new system, encrypt it with the native RHEL tools (dm-crypt/LUKS), then migrate the oracle database(s) over
0
NytroZAuthor Commented:
I think I will eventually need to encrypt certain tables in the database at some point as well so with that in mind does dm-crypt figure into that at all?
0
Seth SimmonsSr. Systems AdministratorCommented:
no, oracle database encryption is completely separate; dm-crypt is for the file system

Transparent Data Encryption (TDE) Frequently Asked Questions
http://www.oracle.com/technetwork/database/security/tde-faq-093689.html

i saw this question because it was tagged with linux; i'm not an oracle expert so i'll let someone else speak more about that part
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
slightwv (䄆 Netminder) Commented:
TDE is a way to protect column data.

Of course, it has a cost as it is a separate license.

Advanced Security also has other features that are guaranteed to meet your HIPPA requirements.

Their main page even mentions HIPPA:
Helps address regulatory requirements, including PCI DSS and HIPAA HITECH

http://www.oracle.com/us/products/database/options/advanced-security/overview/index.html
0
gheistCommented:
Indded dm-crypt is for raw disks (think ASM), that includes filesystems on them
LVM also has same sort of transparent encryption and a bit more flexibility
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Oracle Database

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.