sunhux
asked on
Does oracle 11g comes with TDE & is implementing TDE quite seamless?
We are currently on Oracle 11.2.0.3.0 & plan to
tech refresh to Oracle 11g with Transparent
Data Encryption (TDE).
Q1:
Is TDE just a paper license & the TDE feature
comes with both Oracle 11.2.0.3.0 & 11g &
we just have to enable TDE?
Q2:
We have several subsystems that are accessing
this Oracle DB which has several tables containing
PII data. Heard that implementing TDE is quite
seamless : just enable TDE & no changes needed
in the applications?
Q3:
Besides a bit of overhead/slowness, did anyone
out there encounter specific handling to turn on
TDE? Do we need create keys & store the keys
in safe place, etc ...?
Q4:
Will an entry level Oracle DBA able to implement
TDE or it'll require Professional Service from
Oracle? Trying to gauge the difficulty level as
our only DBA just left & in case an entry-level
DBA is hired.
tech refresh to Oracle 11g with Transparent
Data Encryption (TDE).
Q1:
Is TDE just a paper license & the TDE feature
comes with both Oracle 11.2.0.3.0 & 11g &
we just have to enable TDE?
Q2:
We have several subsystems that are accessing
this Oracle DB which has several tables containing
PII data. Heard that implementing TDE is quite
seamless : just enable TDE & no changes needed
in the applications?
Q3:
Besides a bit of overhead/slowness, did anyone
out there encounter specific handling to turn on
TDE? Do we need create keys & store the keys
in safe place, etc ...?
Q4:
Will an entry level Oracle DBA able to implement
TDE or it'll require Professional Service from
Oracle? Trying to gauge the difficulty level as
our only DBA just left & in case an entry-level
DBA is hired.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Q7
As we are porting data from older version to newer version,
guess we'll need to export out the data & then import into
the new DB. Is the encryption applied on the new DB prior
to importing data into it or after importing into it, then only
enable encryption?
Q8:
Can point me to a instructions URL or book for enabling Oracle TDE?
As we are porting data from older version to newer version,
guess we'll need to export out the data & then import into
the new DB. Is the encryption applied on the new DB prior
to importing data into it or after importing into it, then only
enable encryption?
Q8:
Can point me to a instructions URL or book for enabling Oracle TDE?
ASKER
Q9:
>cryptographic hardware acceleration for TDE
We plan to host the new DB on an RHEL 7. To be able to use the above
acceleration, does it need to be a physical server or VM would do?
By about how many % faster is IO read & write enhanced with this acceleration?
Would this enhancement be mainly on sequential or indexed IO?
>cryptographic hardware acceleration for TDE
We plan to host the new DB on an RHEL 7. To be able to use the above
acceleration, does it need to be a physical server or VM would do?
By about how many % faster is IO read & write enhanced with this acceleration?
Would this enhancement be mainly on sequential or indexed IO?
ASKER
Btw, between our primary DC & warm site DC, we have a
SAN to SAN dark fibre to synchronize the DB's data, so let
me know if there's any impact/implication with encryption
SAN to SAN dark fibre to synchronize the DB's data, so let
me know if there's any impact/implication with encryption
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Actually we plan to test it out first in a test DB prior to purchasing. So if there's no serial#, licence key to enter,
we could get our new DBA (the only current DBA leaving in a couple of days) to test it out first
Q5
Would it be simpler to encrypt the entire DB, selective tables (we have about ten of them that contains PII) or selective columns
(one column of PII for the very same ten tables)?
Q6
With with versions of Oracle does TDE come with it?