Install only the components you require.

Lock and expire default user accounts.

Use a strong directory server password policy for user authentication.

Enforce the use of access controls by using the Authorization Policies.

Require clients to authenticate.

Restrict network access by doing the following:

• Use firewalls.

• Never leave an unnecessary hole in a firewall.

• Monitor who accesses your systems.

• Restrict system access by IP addresses.

• Encrypt network traffic.

Apply all security patches and workarounds.

Encrypt sensitive information.

Contact Oracle Security Products if you discover a vulnerability in any Oracle product.