Oracle Corp.'s plan to offer a single-browser-based view in its Oracle Enterprise Manager is being greeted with glee by users.
Oracle Corp.s plan to offer a single-browser-based view in its Oracle Enterprise Manager is being greeted with glee by users, particularly in light of a major Oracle database vulnerability discovered late last month.
Oracle, at the International Oracle User Group conference in Orlando, Fla., late last month, outlined its vision of a self-managing database that depends on an enhanced version of OEM.
This upgrade, due with the next release of Oracle Application Server this summer, will allow database administrators to see information from all databases, as opposed to being forced to monitor and manage each system, said officials at the Redwood Shores, Calif., company.
The consolidated OEM view may fill a hole in Oracles database security interface, said Jim Wolff, a senior DBA and manager for MIS operations at Space Gateway Support, Kennedy Space Center, Fla.
"As a DBA working with Oracle products since about 1988, [Id say] they have good security for the most part, but everything has vulnerabilities," Wolff said. "Where [Oracle is lacking] is in the ability to provide for an easy-to-use interface for the DBAs to monitor auditing and those kinds of things."
Currently, those activities take a large bite out of DBAs time, Wolff said. "You have to develop your own scripts and interfaces," he said. "Thats a really big hole."
Another feature of the OEM upgrade will be the ability to not only track what patches have been applied but also to automatically link to Oracles online support site, OracleMetaLink. This will allow DBAs to automatically receive patches.
Thats yet another thing thats been sorely needed in database security, according to Aaron Newman, chief technology officer and co-founder of Application Security Inc. "A typical DBA doesnt have one or two serversthey track 50," said Newman, in New York. "So it helps to have a tool to help them go across 50 servers to find out what patch was applied where. A tool like that is pretty necessary, not only for security but for data corruption issues."
Oracle DBAs have had enough on their hands patching a major vulnerability in Oracle databases that came to light late last month. The unchecked buffer overflow vulnerability allows virtually any Oracle user to perform the "create database link" taska privilege assigned to the "connect" role by default. A patch for the vulnerability, which occurs in many versions of the Oracle database from Version 7 to the present 9i Release 2, is available on OracleMetaLink.
Lisa Vaas is News Editor/Operations for eWEEK.com and also serves as editor of the Database topic center. Since 1995, she has also been a Webcast news show anchorperson and a reporter covering the IT industry. She has focused on customer relationship management technology, IT salaries and careers, effects of the H1-B visa on the technology workforce, wireless technology, security, and, most recently, databases and the technologies that touch upon them. Her articles have appeared in eWEEK's print edition, on eWEEK.com, and in the startup IT magazine PC Connection. Prior to becoming a journalist, Vaas experienced an array of eye-opening careers, including driving a cab in Boston, photographing cranky babies in shopping malls, selling cameras, typography and computer training. She stopped a hair short of finishing an M.A. in English at the University of Massachusetts in Boston. She earned a B.S. in Communications from Emerson College. She runs two open-mic reading series in Boston and currently keeps bees in her home in Mashpee, Mass.