Migration Connectivity Options – DB Migration to OCI….

There are several connectivity options when migrating databases to the Oracle Cloud Infrastructure. The options are listed below in order of preference.

  1. FastConnect: Provides a secure connection between your existing network and your virtual cloud network (VCN) over a private physical network instead of the Internet.
  2. IPSec VPN: Provides a secure connection between a dynamic routing gateway (DRG) and customer-premise equipment (CPE), consisting of multiple IPSec tunnels. The IPSec connection is one of the components forming a site-to-site VPN between a VCN and your on-premises network.
  3. Internet Gateway: Provides a path for network traffic between your VCN and the Internet.

Physical Security of the Compute Node

The physical security of the server that hosts the database deployment compute node and database allocated to the customer is handled by Oracle. Customers have no access to the physical server.

Operating System Credentials to Access the Compute Node

The following users are created when the database deployment is created:

  • oracle: Minimal privileged Linux user (normal shell access, lo login privileges)
  • opc: Privileged Linux user (root commands access)

Logging in to the database deployment compute node requires secure access from remote hosts by using a secure Linux shell. When a database deployment is created, network access to the database deployment’s compute node is limited by default to SSH connections on port 22. This restricted access ensures that the instance is secure by default. To be able to log in to the compute node, the OS user authenticates by using an SSH key pair.

Operating System Security

On the database deployment compute node, the user can perform the following operations:

  • Load and run software in the compute node environment
  • View log files from the instance creation stored in subdirectories of /var/opt/oracle/log
  • User is responsible for OS security patches available through yum as root.

On the database deployment database instance, the oracle OS user has full administrative privileges.