Purpose: Determine that the database network has been designed to support the availability requirements and security needs of the database application.
A. Obtain a network diagram of the database servers and their logical and physical connections to the rest of the network:
1. Determine that high-speed, high-bandwidth transmission media are used to support high-use SQL networking between network components (i.e., between database servers and application servers).
2. Ensure that redundant links (e.g., interfaces, hubs, and routers) are used to support system availability requirements.
3. Determine that separate maintenance ports (network interfaces) are used for administration and maintenance access.
4. Using the netstat command, review the routing and IP addressing used for database servers. Ensure that high-bandwidth SQL traffic is restricted to a separate IP subnetwork and kept separate from the maintenance ports.
B. Obtain router configuration files for the routers which connect the database servers to the user networks:
1. Review for access list rules for SQL*Net traffic (TCP ports 1521 and 1525).
2. Ensure that all traffic on these ports is either blocked or restricted to authorized destination IP addresses and source addresses.
3. Ensure that the Hot Standby Router Protocol (HSRP) is in use so that redundant routes are made available to the database servers in case of device failure.
C. For SQL*Net, version 2, review the contents of the tnsnames.ora file. Ensure that each listed system is an authentic and authorized remote database server.
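One way to support step C is to extract every HOST/PORT pair from tnsnames.ora and compare it with the list of authorized database servers. The script below is an added example, not part of the original audit program; the sample file contents, host names and the AUTHORIZED list are constructed placeholders.

```python
import re
# Constructed sample tnsnames.ora; aliases and hosts are placeholders.
SAMPLE_TNSNAMES = """
# constructed example
PROD =
  (DESCRIPTION =
    (ADDRESS_LIST =
      (ADDRESS = (PROTOCOL = TCP)(HOST = db-prod-01.example.internal)(PORT = 1521))
      (ADDRESS = (PROTOCOL = TCP)(HOST = db-prod-02.example.internal)(PORT = 1521)))
    (CONNECT_DATA = (SID = PROD)))
LEGACY = (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = 192.0.2.77)(PORT = 1525))
    (CONNECT_DATA = (SID = OLD)))
"""

# Assumed auditor-maintained list of authorized (host, port) pairs.
AUTHORIZED = {("db-prod-01.example.internal", 1521),
              ("db-prod-02.example.internal", 1521)}

ADDRESS_RE = re.compile(r"\(\s*ADDRESS\s*=\s*((?:\([^()]*\)\s*)+)\)", re.I)
PARAM_RE = re.compile(r"\(\s*(\w+)\s*=\s*([^()]*?)\s*\)")

def parse_tnsnames(text):
    """Return {alias: [(host, port), ...]} covering every ADDRESS of each entry."""
    text = re.sub(r"#.*", "", text)            # strip comments
    entries, depth, head, body = {}, 0, "", ""
    for ch in text:
        if depth == 0 and ch != "(":           # outside an entry: alias text
            head += ch
            continue
        body += ch
        depth += (ch == "(") - (ch == ")")     # track parenthesis nesting
        if depth == 0:                         # entry closed: extract addresses
            alias = head.strip().rstrip("=").strip().upper()
            params = [dict((k.upper(), v) for k, v in PARAM_RE.findall(m.group(1)))
                      for m in ADDRESS_RE.finditer(body)]
            entries[alias] = [(p.get("HOST", "").lower(), int(p.get("PORT", 0)))
                              for p in params]
            head, body = "", ""
    return entries

def unauthorized(entries, allowed):
    """Return sorted (alias, host, port) tuples that are not in the allowlist."""
    return sorted((a, h, p) for a, addrs in entries.items()
                  for h, p in addrs if (h, p) not in allowed)

if __name__ == "__main__":
    for alias, host, port in unauthorized(parse_tnsnames(SAMPLE_TNSNAMES), AUTHORIZED):
        print(f"REVIEW: {alias} -> {host}:{port} is not on the authorized list")
```

Each flagged entry still needs manual follow-up, since an unlisted host may be a legitimate server missing from the authorized list rather than an unauthorized one.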