Hi ric-o,

My experience of database servers in general, not only Oracle, is that they don't have an interactive AV on them. There is no point if they are in the background of your network. After all, if anything gets to them through your network, then it has passed your AV defences already, and a duplicate on the server won't detect it.

Where you need to be careful is with media and laptops. You need a strict and strong policy. Also, depending on your situation, it is a good idea to create sectors or sub-networks, so that segments that do not need to communicate with eachother cannot do so.

I am also used to servers being scanned remotely on a scheduled basis from a dedicated machine, but I guess that the motivation behind that was largely to save on licence fees