Reference for Network Firewall
This guide lists the predefined objects in Resource Analytics for Oracle Network Firewall. You can find information about views, entity relationships, subject areas, and sample queries.
Views
This section provides information about views within Resource Analytics Network Firewall and their columns, data types, keys, and the referred view and column names. The following views are available:
| Name | Description |
|---|---|
| NETWORK_FIREWALL_ADDRESS_LIST_DIM_V | This view stores information on address lists with reference names for policies. |
| NETWORK_FIREWALL_APPLICATION_GROUP_DIM_V | This view stores information on groups of applications referenced by policy rules. |
| NETWORK_FIREWALL_APPLICATION_DIM_V | This view stores information on protocol identifiers and protocol-specific parameters. |
| NETWORK_FIREWALL_CHILD_RESOURCE_DETAILS_DIM_V | This view stores information on all network firewall child resources. |
| NETWORK_FIREWALL_CORRELATION_DIM_V | This view stores information on the policy associated with a network firewall. |
| NETWORK_FIREWALL_DECRYPTION_PROFILE_DIM_V | This view stores information on decryption profiles used for firewall policies. |
| NETWORK_FIREWALL_DECRYPTION_RULE_DIM_V | This view stores information on decryption rules used in firewall policies. |
| NETWORK_FIREWALL_DIM_V | This view stores information on NetworkFirewall, which is a security resource associated with a policy to control incoming and outgoing traffic based on rules. |
| NETWORK_FIREWALL_FACT_V | Fact table for network firewalls. |
| NETWORK_FIREWALL_MAPPED_SECRET_DIM_V | This view stores information on mapped secrets used on firewall policy rules. |
| NETWORK_FIREWALL_NAT_RULE_DIM_V | This view stores information on NAT rules to define translation in firewall policies. |
| NETWORK_FIREWALL_POLICY_DIM_V | This view stores information on a set of policy rules and configuration for use with Network Firewall. |
| NETWORK_FIREWALL_SECURITY_RULE_DIM_V | This view stores information on security rules used in firewall policy rules. |
| NETWORK_FIREWALL_SERVICE_DIM_V | This view stores information on services identified by port and protocol. |
| NETWORK_FIREWALL_SERVICE_LIST_DIM_V | This view stores information on groups of services referenced by policy rules. |
| NETWORK_FIREWALL_TUNNEL_INSPECTION_RULE_DIM_V | This view stores information on tunnel inspection rules used in firewall policies. |
| NETWORK_FIREWALL_URL_LIST_DIM_V | This view stores information on URL pattern lists in firewall policies. |
The suffixes in the view names specify the view type:
- FACT_V: Fact
- DIM_V: Dimension
Relationship Diagram
This section provides diagrams that define the logical relationship of a fact table with different dimension tables.
The contents of each view and their relationships are listed in the following file: Network Firewall views.
This diagram shows the relationship of the Network Firewall fact view with different dimension views.
Relationships exist among dimensions. Dimensions can be joined directly to each other. These diagrams show the relationship between dimension views.
Sample Queries
Sample queries for Network Firewall.
SELECT COMPARTMENT_ID, NETWORK_FIREWALL_ID, NETWORK_FIREWALL_POLICY_ID
FROM OCIRA.NETWORK_FIREWALL_FACT_V;SELECT N.NETWORK_FIREWALL_ID, S.*
FROM OCIRA.NETWORK_FIREWALL_FACT_V N
LEFT JOIN OCIRA.VCN_SUBNET_DIM_V S ON N.OCIRA_SUBNET_KEY = S.OCIRA_SUBNET_KEY;SELECT
OCIRA_RESOURCE_KEY,
COMPARTMENT_ID,
NAME,
PARENT_RESOURCE_ID,
RESOURCE_TYPE,
REGION
FROM
OCIRA.NETWORK_FIREWALL_CHILD_RESOURCE_DETAILS_DIM_V
WHERE
PARENT_RESOURCE_ID = '<YOUR_FIREWALL_POLICY_OCID>' -- replace with the target firewall policy OCID;Data Lineage
The Customer Experience Semantic Model Lineage spreadsheet and Metric Calculation Logic spreadsheet for Network Firewall provides an end-to-end data lineage summary report for physical and logical relationships in your data.
For more information, see Data Lineage.
Subject Areas
This section provides information on the subject areas with data you maintain in Network Firewall. These subject areas, with their corresponding data, are available for you to use when creating and editing analyses and reports. The information for each subject area includes:
Description of the subject area.
Business questions that can be answered by data in the subject area, with a link to more detailed information about each business question.
Job-specific groups and duty roles that can be used to secure access to the subject area, with a link to more detailed information about each job role and duty role.
Primary navigation to the work area that's represented by the subject area.
Time reporting considerations in using the subject area, such as whether the subject area reports historical data or only the current data. Historical reporting refers to reporting on historical transactional data in a subject area. With a few exceptions, all dimensional data are current as of the primary transaction dates or system date.
The lowest grain of transactional data in a subject area. The lowest transactional data grain decides how data are joined in a report.
Special considerations, tips, and things to look out for in using the subject area to create analyses and reports.
Other References
- Network Firewall documentation
- AddressList Reference
- ApplicationGroup Reference
- Application Reference
- DecryptionProfile Reference
- DecryptionRule Reference
- MappedSecret Reference
- NatRule Reference
- NetworkFirewall Reference
- NetworkFirewallPolicy Reference
- SecurityRule Reference
- ServiceList Reference
- Service Reference
- TunnelInspectionRule Reference
- UrlList Reference