| Possible Combinations between RMAN and TDE [message #385009] |
Fri, 06 February 2009 02:45  |
TomG
Messages: 11
Registered: December 2008
|
Junior Member |
|
|
Hello,
I understand that TDE protects the live data while Secure backup protects the backup itself (application structure, users/passwords...).
But I would need some clarifications about possible behaviours of RMAN with a TDE Database.
I cannot find any document summarizing all the cases. All stuff I found always use RMAN Encryption as soon as TDE is used (ie wallet exists).
If I need DB Encryption via TDE I may consider to backup it normally (ie no backup encryption).
I've made some tests but I'd like to get your opinion please. Can you please let me know if following assumptions are (always) TRUE ?
1. Database containing encrypted columns (with TDE) can be backed up like any *normal* database, ie no obligation *at all* to use RMAN Encrypted Backup feature.
In this case intially encrypted data backed up are still protected in any restore as wallet is always needed.
2. Database containing encrypted columns (with TDE) can be backed up whatever the wallet status (closed or open)
3. Only RMAN Encrypted Backup requires the wallet to be OPEN
4. As summary :
-------------------------------------
| RMAN (NoCatalog) |
----------------------------------------------------------
| Database using TDE | Uncrypted Backup | Crypted Backup |
----------------------------------------------------------
| Wallet Closed | OK | FAILS |
----------------------------------------------------------
| Wallet Open | OK | OK |
----------------------------------------------------------
Thanks,
Tom
|
|
|
|
|
|
| Re: Possible Combinations between RMAN and TDE [message #385022 is a reply to message #385013] |
Fri, 06 February 2009 03:46  |
TomG
Messages: 11
Registered: December 2008
|
Junior Member |
|
|
Thanks for your answer.
I would need further clarification on : | Quote: | Wallets refered by encrypted backup and TDE are different ones
|
As per 10gR2 Database Backup and Recovery Advanced User's Guide :
| Quote: | Both transparent mode and dual mode depend upon the Oracle Encryption Wallet. See Oracle Advanced Security Administrator's Guide for details about configuring the Oracle Encryption Wallet.
...
When using transparent encryption, you must first configure the Oracle Encryption Wallet, as described in the documentation for Oracle's Transparent Data Encryption feature. After the Oracle Encryption Wallet is configured, encrypted backups can be created and restored with no further DBA intervention.
|
Encryption Backup wallet seems refer to TDE one. Could you please give me more details ?
Thanks.
|
|
|
|
|
|
|
|
|
|
|
|
] 
Blog
Search
Help
Members
Register
Login
Home
