Contents

List of Figures

Title and Copyright Information

Preface

• Audience
• Documentation Accessibility
• Related Documents
• Conventions

1 Introducing the Oracle Database Firewall System

• Downloading the Latest Version of This Manual
• About the Oracle Database Firewall System
  • What Is the Oracle Database Firewall System?
  • The Oracle Database Firewall Approach to Database Security
  • Oracle Database Firewall Architecture
  • Using Policy Files to Create Data Policies
    • Creating Policy Files
    • Using Policy Files
  • Oracle Database Firewall Operational Modes
  • How the Oracle Database Firewall Logging Feature Works
    • What Is the Purpose of Logging?
    • What Logs Does Oracle Database Firewall Maintain?
• Oracle Database Firewall Applications
  • Oracle Database Firewall Analyzer
  • Oracle Database Firewall Administration Console
    • About the Administration Console
    • Types of Reports Generated from the Administration Console
    • Stored Procedure Auditing and User Role Auditing
• Planning the Protection Level for Your Databases

2 Using the Administration Console

• About the Administration Console
• Accessing the Administration Console
  • Who Can Log in to the Administration Console
  • Logging in to the Administration Console
• Using the Dashboard
  • Parts of the Dashboard

3 Using Oracle Database Firewall Analyzer

• Overview of the Oracle Database Firewall Analyzer
  • About the Analyzer
  • The Concept of Clustering SQL Statements in the Analyzer
  • The Process of Developing a Policy
• Creating a Model
  • About Creating a Model
  • Supplying Data to Train the Analyzer
    • Enabling Log Unique Policies to Provide Logging Data
  • Creating a New Model in the Analyzer
    • Creating a New Model from Training on Log Data
    • Creating a New Model from Training on a SQL Statement File
  • Opening an Existing Model
• Viewing and Analyzing Data in the Model
  • About Analyzing Data
  • The Analyzer Main Window
    • Elements of the Analyzer Summary Tab
    • Other Analyzer Tabs
  • Viewing Clusters by Cluster Groups
    • Viewing Clusters in the Analysis tab
    • Viewing Cluster Groups in the Details Tab
  • Viewing Data by Database Tables
  • Viewing Data by Database Columns
  • Filtering Data in the Details and Analysis Tabs
  • Viewing and Filtering Data in the Baseline Tab
  • Viewing Data by Profile
  • Viewing the Properties of a Model
• Designing the Policy
  • About Designing the Policy
  • Creating a Policy Automatically
  • Manually Setting the Action, Logging Level, and Threat Severity
    • Managing Traffic Encrypted with Oracle Database Advanced Security Option
  • Creating Exceptions, Novelty Policies, and a Default Rule
    • About Exceptions, Novelty Policies, and the Default Rule
    • Creating Exceptions
    • Creating Novelty Policies
    • Customizing the Default Rule
  • Blocking SQL and Creating Substitute Statements
  • Creating Login and Logout Policies for Database Users
  • Using Profiles to Display and Set Policy Rules for Specific Data
    • Creating a Profile
    • Using Profiles in the Analysis and Details Tabs
  • Defining Sets of Factors to Use in Profiles and Exceptions
• Creating a Policy File and Uploading it into the Database Firewall
  • Creating a Policy File in the Analyzer
  • Uploading and Enabling a Policy in the Database Firewall or Management Server
• Improving and Refining the Policy with new Data
  • Refining the Policy Interactively
  • Refreshing the Analyzer with Updated Data from the Monitored Database
  • Analyzing the Updated Data
  • Assigning Policy Rules to the New Data and Updating Your Policy
• Additional Features
  • Sensitive Data Masking
  • Exporting the Data in a Model as HTML
  • Creating a Model from a Policy File
  • Dividing the Screen into Two Screens

4 Auditing Stored Procedures and Roles

• About Auditing Stored Procedures and Roles
• Viewing and Approving Changes to Stored Procedures
  • About Viewing and Approving Changes to Stored Procedures
  • Running a Manual Stored Procedure Audit
  • Approving Changes Made to a Stored Procedure
  • Filtering Options for Approving Changes in Stored Procedures
• Viewing and Approving Changes to User Roles
  • About Viewing and Approving Changes to User Roles
  • Running a Manual User Role Audit
  • Approving Changes Made to a User Role
  • Filtering Options for Approving Changes in User Roles

5 Accessing and Viewing the Traffic Log

• Accessing the Traffic Log
  • Accessing Traffic Logs
  • Viewing Logged Traffic
  • Searching for Traffic Logs
  • Viewing the Log Search Results
  • Log Search Results and Scheduled Reports
• Viewing the Traffic Log for Database Response Monitoring

6 Generating Oracle Database Firewall Reports

• About Oracle Database Firewall Reports
  • Reports Generated from the Administration Console
  • Generating Reports
• Generating Audit and Summary Reports
• Options in the Reports Menu
• Adding Your Own Reports
• Scheduling Reports
• How the Security Index Formula Is Calculated

Index