Security parameter in on-prem oracle to azure sql database migration through ADF.

Rahul 251 Reputation points
2023-11-03T05:59:22.4633333+00:00

Hi,

I am performing the migration from the oracle on premises to the Azure SQL database using the Tool- Azure Data factory.(Self hosted Integration runtime-Virtual Machine)

Question-1- When the oracle data is loaded to the Azure data factory through the self hosted integration is that connection secure?

The data load from oracle to the ADF - SHIR is secure, through which mechanism ?

Question-2- What is the security connection in the above case, provided by azure?

Question-3 Can we make it secure by enabling the TLS 1.2 configuration on the oracle server and the ADF SHIR configuration ?

Azure Data Factory
Azure Data Factory
An Azure service for ingesting, preparing, and transforming data at scale.
10,566 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Boris Von Dahle 3,121 Reputation points
    2023-11-03T06:48:52.32+00:00

    Hello,

    Yes, the connection from Oracle to ADF through SHIR is secure. It utilizes encrypted channels for data transmission.

    If the cloud data store supports HTTPS or TLS, all data transfers between data movement services in Data Factory and a cloud data store are via secure channel HTTPS or TLS.

    Azure provides a secure connection through TLS 1.2 encryption for data in transit between Oracle and Azure Data Factory.

    To enable encryption in transit while moving data from Oracle follow one of the below options:

    1. In Oracle server, go to Oracle Advanced Security (OAS) and configure the encryption settings, which supports Triple-DES Encryption (3DES) and Advanced Encryption Standard (AES), refer here for details. ADF automatically negotiates the encryption method to use the one you configure in OAS when establishing connection to Oracle.
    2. In ADF, you can add EncryptionMethod=1 in the connection string (in the Linked Service). This will use SSL/TLS as the encryption method. To use this, you need to disable non-SSL encryption settings in OAS on the Oracle server side to avoid encryption conflict.

    Absolutely, enabling TLS 1.2 on both the Oracle server and ADF SHIR configuration will further enhance the security of your data during migration. Ensure that non-SSL encryption settings in Oracle Advanced Security are disabled to prevent any encryption conflicts.

    More info on this subject here : https://learn.microsoft.com/en-us/azure/data-factory/data-movement-security-considerations

    Hope this helps

    Regards

    0 comments No comments

  2. ShaikMaheer-MSFT 38,441 Reputation points Microsoft Employee
    2023-11-03T10:23:40.8766667+00:00

    Hi Kashish,

    Thank you for posting query in Microsoft Q&A Platform.

    ADF will not have any its own storage or compute to load data in ADF. Data will always directly move between source and sink. ADF will use Selfhosted IR, which in turn uses source and sink systems compute and infra to perform data movement. So technically data is not moving to ADF, it's from source to sink directly. Hence using Selfhosted IR its always secure.

    Hope this helps. Please let me know if any further queries.


    Please consider hitting Accept Answer button. Accepted answers help community as well. Thank you.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.