O112-BP-023000 - Connections by mid-tier web and application systems to the Oracle DBMS from a DMZ or external network must be encrypted.

Information

Multi-tier systems may be configured with the database and connecting middle-tier system located on an internal network, with the database located on an internal network behind a firewall and the middle-tier system located in a DMZ. In cases where either or both systems are located in the DMZ (or on networks external to DoD), network communications between the systems must be encrypted.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Configure communications between the DBMS and remote applications/application servers to use DoD-approved encryption.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Database_11-2g_V2R4_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CAT|II, CCI|CCI-000366, Rule-ID|SV-219713r879887_rule, STIG-ID|O112-BP-023000, STIG-Legacy|SV-68237, STIG-Legacy|V-53997, Vuln-ID|V-219713

Plugin: OracleDB

Control ID: f3b1b6f1e25cdc4b0739f98a0b2fb3a5909d5b8a07c5af1953abfe4e3d37ea50