|Oracle® Guardian Release Notes
Part Number E15057-01
This document describes the new and changed features in Oracle Guardian 10.3.2 and also provides a description of known and resolved issues.
This document includes the following topics:
The following sections describe new and changed functionality in this Oracle Guardian release:
The following sections describe what's new in Guardian 10.3.2.
By default, when you generate a Domain Inventory or Evaluation Summary, Guardian displays the results in the Document Pane of the graphical user interface. Guardian 10.3.2 now supports the use of a property file that causes this information to be displayed automatically in the default Web browser instead.
For details about creating and configuring this property file, see "Redirecting Display of Evaluation Summaries and Domain Inventories" in Oracle Guardian User's Guide.
Guardian 10.3.2 now supports the ability for you to create and package custom signatures. You can use this capability to leverage Guardian's ability to detect and identify configuration settings among the WebLogic domains in your environment that you might want to modify.
For example, if you want to determine whether a specific patch has been installed in all your WebLogic domains, you can do the following:
Create a custom signature that detects whether the patch has been installed.
Use Guardian to evaluate all your WebLogic domains and identify those in which this patch has not been installed.
For details about how to create and package custom signatures, see "Creating and Packaging Custom Signatures" in Oracle Guardian User's Guide.
In the previous release of Oracle Guardian, the following sets of options were available in Logging And Debug preferences:
Logging and Exceptions
Server Agent Debugging
In Guardian 10.3.2, the following changes have been made to simplify the selection of preferences:
The Logging and Exceptions section is changed to simply Logging, and the Exception Log Level dropdown list box is removed.
The Scenario Tracing and Pinpoint Tracing sections have been removed.
In previous releases when you downloaded signatures from Oracle Support into your Guardian installation, Oracle collected high level statistics about signature usage in your installation. These statistics included how often each signature was evaluated and detected. Although no customer data was ever returned with these statistics, Oracle no longer collects any usage statistics.
The following changes have been made to Guardian 10.3.2 regarding its integration with My Oracle Support:
In previous releases to obtain new Guardian software and signatures, the Update Wizard prompted you to enter your Customer Support Identifier, along with your My Oracle Support username and password. The Update Wizard no longer prompts you to enter a Customer Support Identifier to obtain these updates; you only need to enter your username and password.
The Service Request Wizard no longer connects to My Oracle Support. You still use this wizard to create a service request archive specific to a detected signature; however, the archive file is not automatically sent by Guardian to Oracle Support. If appropriate for resolving a technical issue or question related to the detected signature, you may optionally send this archive file to My Oracle Support, but this is done outside the use Guardian.
The following sections describe what's new in Guardian 10.3.1.
Programmatic case creation is no longer available using My Oracle Support. However, you can still create a Service Request Archive based on a detected signature that can be attached to a Service Request. This ensures that the Oracle support staff will have the same comprehensive information that they had when using the automated case creation.
The Update Wizard for automatically updating Guardian is now integrated with Oracle's customer service portal, Metalink. Note that the Guardian Update Site list that was returned in previous releases has been replaced by a list of Org Names (referred to as Customer Support Identifiers).
The following sections describe what's new in Guardian 10.3.0:
The evaluation of some signatures may hang the evaluation. To prevent this, open the Preferences page, and set the Guardian > Signature Evaluation Threshold parameter (in milliseconds). Then select the Enable Safe Evaluation checkbox. If enabled, the evaluation of a signature is terminated when this threshold is reached, and the Signature ID is written to the Hung Signature List. In addition, if a signature evaluation fails due to a runtime error, that Signature ID is written to the Problem Signature List. Guardian will not attempt to evaluate signatures in the Problem Signature List.
Previously, if you upgraded from a Guardian version earlier than 1.0.7 to a Guardian version of 1.0.7 or above, you had to manually undeploy the old Guardian Agent in the Oracle WebLogic Server Administration Console, and then manually deploy the new Agent. Now, if you are using WebLogic Server 10.3, the Guardian Agent is already installed and ready for on-demand deployment.
To enable the deployment, open the WebLogic Server 10.3 Administration Console and select Domain > Configuration > General > Enable Oracle Guardian Agent. For instructions, see Oracle WebLogic Server Administration Console Online Help.
Accessibility enhancements have been added for improved keyboard accessibility.
The following sections describe known issues in this release of Oracle Guardian, as well as issues that were resolved in earlier versions.
For instructions on installing Guardian 10.3.2, see the Oracle Guardian Installation Guide.
Oracle Guardian 10.3.2 does not support the Negotiate Identity Assertion provider. If you are authenticated into the WebLogic domain only via the Negotiate Identity Assertion provider, you are unable to activate the domain in Guardian.
Remove the Negotiate Identity Assertion provider from the security realm for the domain you want to activate, and reboot WebLogic Server.
If you enter incorrect username and password credentials in the Update Wizard when trying to connect to My Oracle Support, a Problem Occurred dialog box is displayed indicating that a network connection problem has occurred. When you subsequently click Ok in this dialog box, a message is displayed indicating that no updates are available. This problem can occur even when there are updates available for your Guardian installation.
If you enter incorrect credentials for My Oracle Support, restart the Update Wizard and make sure your credentials are entered correctly.
The following text conventions are used in this document:
|boldface||Boldface type indicates graphical user interface elements associated with an action, or terms defined in text or the glossary.|
|italic||Italic type indicates book titles, emphasis, or placeholder variables for which you supply particular values.|
||Monospace type indicates commands within a paragraph, URLs, code in examples, text that appears on the screen, or text that you enter.|
Our goal is to make Oracle products, services, and supporting documentation accessible to all users, including users that are disabled. To that end, our documentation includes features that make information available to users of assistive technology. This documentation is available in HTML format, and contains markup to facilitate access by the disabled community. Accessibility standards will continue to evolve over time, and Oracle is actively engaged with other market-leading technology vendors to address technical obstacles so that our documentation can be accessible to all of our customers. For more information, visit the Oracle Accessibility Program Web site at
Accessibility of Code Examples in Documentation
Screen readers may not always correctly read the code examples in this document. The conventions for writing code require that closing braces should appear on an otherwise empty line; however, some screen readers may not always read a line of text that consists solely of a bracket or brace.
Accessibility of Links to External Web Sites in Documentation
This documentation may contain links to Web sites of other companies or organizations that Oracle does not own or control. Oracle neither evaluates nor makes any representations regarding the accessibility of these Web sites.
Deaf/Hard of Hearing Access to Oracle Support Services
To reach Oracle Support Services, use a telecommunications relay service (TRS) to call Oracle Support at 1.800.223.1711. An Oracle Support Services engineer will handle technical issues and provide customer support according to the Oracle service request process. Information about TRS is available at
http://www.fcc.gov/cgb/consumerfacts/trs.html, and a list of phone numbers is available at
Oracle Guardian Release Notes, 10.3.2
Copyright © 2008, 2009, Oracle and/or its affiliates. All rights reserved.
This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited.
The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing.
If this software or related documentation is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable:
U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are "commercial computer software" or "commercial technical data" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use, duplication, disclosure, modification, and adaptation shall be subject to the restrictions and license terms set forth in the applicable Government contract, and, to the extent applicable by the terms of the Government contract, the additional rights set forth in FAR 52.227-19, Commercial Computer Software License (December 2007). Oracle USA, Inc., 500 Oracle Parkway, Redwood City, CA 94065.
This software is developed for general use in a variety of information management applications. It is not developed or intended for use in any inherently dangerous applications, including applications which may create a risk of personal injury. If you use this software in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure the safe use of this software. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software in dangerous applications.
Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.
This software and documentation may provide access to or information on content, products, and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content, products, and services. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services.