SlideShare una empresa de Scribd logo

IOUG Collaborate 2014 Auditing/Security in EM12c

Descargar como PPTX, PDF
Kellyn Pot'Vin-Gorman
Kellyn Pot'Vin-Gorman
Tecnología
1 de 24
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 121
Enterprise Manager 12c and Keys to the Castle Kellyn Pot’Vin Consulting Member of Technical Team Strategic Customer Program
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 123 The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 124 The Importance of Securing The EM12c Environment  IT environments are now more complex and dynamic.  Financial implications and loss of goodwill coupled with stringent regulatory requirements.  Challenges due to introduction of distributed system management applications. What best practices are in place for system management products?
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 125 Focus on Security Groups, Roles and Auditing  Creating significant roles and then grant roles to users instead of granting privileges.  Take advantage of privilege propagation groups and systems to deter from resource demands  Treat the Repository as you would any other database. Use common sense and standard security best practices.  Enable auditing to retain information about actions in the repository and export to an external directory to retain limited information. 5
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 126 Do You Know Who Has the Power of the Force? SELECT grantee FROM MGMT_PRIV_GRANTS WHERE PRIV_NAME = ‘SUPER_USER’ ; 6
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 127 Entitlement Summary Info 7
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 128 Entitlement Summary 8
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 129 Entitlement Breakdown 9 • Also can include… • Contact info • Location and Department • Lifecycle and chargeback info • Note if user is super admin or not.
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1210 Roles Assigned, Part II of Entitlement Summary 10 • Each Role is displayed • Total Roles granted displayed to far right • Each Role is a link to detail info on role
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1211 Role Details 11
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1212 Roles and Privileges to Roles… :) 12
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1213 Entitlement Summary, Part III 13 • Assign individual targets • View any target, (different from accessing any) • Assign distinct privileges to any target
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1214 Auditing  Allows you to track and validate actions performed in EM12c,  By default, basic and infrastructure auditing is enabled.  Over 150 auditing options are available in Enterprise Manager.  Encompasses updates, downloads, OMS password changes and EM key copy and removals from the repository.  An enhanced page makes viewing data easy. Page can be accessed via Setup Security  Audit Data 14
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1215 EM CLI Auditing Commands  List of commands  Show auditing status info  Enable Auditing Settings  Update Auditing Settings  How to externalize auditing data 15
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1216 Inspecting Rights Internal 16
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1217 View Audit Settings 17
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1218 Enabling Audit Options  To enable audit for a subset of audited operations, please use the following EM CLI verb: >emcli update_audit_settings - audit_switch="ENABLE/DISABLE" - operations_to_enable="<insert operation name here or just say ALL>" - operations_to_disable="<insert operation name here or just say ALL>" 18
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1219 Updating Audit Settings  External file systems can be updated from the repository on a regular basis to externalize the service.  Tip- Ensure there is enough disk space for this operation, as log files can consume significant space. >emcli update_audit_settings - file_prefix=<file_prefix> - directory_name=<directory_name> -file_size = <file size> -data_retention_period=<period in days> 19
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1220 Example of audit data to external directory  We’ll retain the data in the Repository for 31 days  Data will be exported to the external directory, (dba_directories)  Each of the audit files will be prefixed with “em12c_audit”  Files will be max size of 25M each >emcli update_audit_settings - externalization_switch=ENABLE - file_prefix=em12c_audit - directory=AUD_DMP -file_size=25000000 - data_retention_period=31 20
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1221 Best Practices for Auditing  Plan carefully to ensure that you capture the data that you require to audit effectively.  Use and External audit service and secure the files created to retain audit data outside the repository in case of significant loss. 21
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1222 Connect with me-
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1223
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1224

Recomendados

Em13c New Features- One of Two
Em13c New Features- One of TwoEm13c New Features- One of Two
Em13c New Features- One of Two
Kellyn Pot'Vin-Gorman
 
Database as a Service, Collaborate 2016
Database as a Service, Collaborate 2016Database as a Service, Collaborate 2016
Database as a Service, Collaborate 2016
Kellyn Pot'Vin-Gorman
 
Em13c New Features- Two of Two
Em13c New Features- Two of TwoEm13c New Features- Two of Two
Em13c New Features- Two of Two
Kellyn Pot'Vin-Gorman
 
Em13c features- HotSos 2016
Em13c features- HotSos 2016Em13c features- HotSos 2016
Em13c features- HotSos 2016
Kellyn Pot'Vin-Gorman
 
Upgrading Em13c Collaborate 2016
Upgrading Em13c Collaborate 2016Upgrading Em13c Collaborate 2016
Upgrading Em13c Collaborate 2016
Kellyn Pot'Vin-Gorman
 
Zero to Manageability in 60 Minutes: Building a Solid Foundation for Oracle E...
Zero to Manageability in 60 Minutes: Building a Solid Foundation for Oracle E...Zero to Manageability in 60 Minutes: Building a Solid Foundation for Oracle E...
Zero to Manageability in 60 Minutes: Building a Solid Foundation for Oracle E...
Courtney Llamas
 
New Not Your Father's Enterprise Manager
New Not Your Father's Enterprise ManagerNew Not Your Father's Enterprise Manager
New Not Your Father's Enterprise Manager
Kellyn Pot'Vin-Gorman
 
Kscope Not Your Father's Enterprise Manager
Kscope Not Your Father's Enterprise ManagerKscope Not Your Father's Enterprise Manager
Kscope Not Your Father's Enterprise Manager
Kellyn Pot'Vin-Gorman
 

Recomendados

Em13c New Features- One of Two
Em13c New Features- One of TwoEm13c New Features- One of Two
Em13c New Features- One of Two
Kellyn Pot'Vin-Gorman
 
Database as a Service, Collaborate 2016
Database as a Service, Collaborate 2016Database as a Service, Collaborate 2016
Database as a Service, Collaborate 2016
Kellyn Pot'Vin-Gorman
 
Em13c New Features- Two of Two
Em13c New Features- Two of TwoEm13c New Features- Two of Two
Em13c New Features- Two of Two
Kellyn Pot'Vin-Gorman
 
Em13c features- HotSos 2016
Em13c features- HotSos 2016Em13c features- HotSos 2016
Em13c features- HotSos 2016
Kellyn Pot'Vin-Gorman
 
Upgrading Em13c Collaborate 2016
Upgrading Em13c Collaborate 2016Upgrading Em13c Collaborate 2016
Upgrading Em13c Collaborate 2016
Kellyn Pot'Vin-Gorman
 
Zero to Manageability in 60 Minutes: Building a Solid Foundation for Oracle E...
Zero to Manageability in 60 Minutes: Building a Solid Foundation for Oracle E...Zero to Manageability in 60 Minutes: Building a Solid Foundation for Oracle E...
Zero to Manageability in 60 Minutes: Building a Solid Foundation for Oracle E...
Courtney Llamas
 
New Not Your Father's Enterprise Manager
New Not Your Father's Enterprise ManagerNew Not Your Father's Enterprise Manager
New Not Your Father's Enterprise Manager
Kellyn Pot'Vin-Gorman
 
Kscope Not Your Father's Enterprise Manager
Kscope Not Your Father's Enterprise ManagerKscope Not Your Father's Enterprise Manager
Kscope Not Your Father's Enterprise Manager
Kellyn Pot'Vin-Gorman
 
Enterprise manager 13c
Enterprise manager 13cEnterprise manager 13c
Enterprise manager 13c
MarketingArrowECS_CZ
 
Oracle - Enterprise Manager 12c Overview
Oracle - Enterprise Manager 12c OverviewOracle - Enterprise Manager 12c Overview
Oracle - Enterprise Manager 12c Overview
Fred Sim
 
Optimizing the Enterprise Manager 12c
Optimizing the Enterprise Manager 12cOptimizing the Enterprise Manager 12c
Optimizing the Enterprise Manager 12c
Kellyn Pot'Vin-Gorman
 
AWR, ASH with EM13 at HotSos 2016
AWR, ASH with EM13 at HotSos 2016AWR, ASH with EM13 at HotSos 2016
AWR, ASH with EM13 at HotSos 2016
Kellyn Pot'Vin-Gorman
 
Dmz aa aioug
Dmz aa aiougDmz aa aioug
Dmz aa aioug
pasalapudi123
 
Oracle Fusion Middleware Infrastructure Best Practices
Oracle Fusion Middleware Infrastructure Best PracticesOracle Fusion Middleware Infrastructure Best Practices
Oracle Fusion Middleware Infrastructure Best Practices
Revelation Technologies
 
Oracle Database Cloud Fleet Maintenance
Oracle Database Cloud Fleet MaintenanceOracle Database Cloud Fleet Maintenance
Oracle Database Cloud Fleet Maintenance
Hari Srinivasan
 
OOW15 - Getting Optimal Performance from Oracle E-Business Suite
OOW15 - Getting Optimal Performance from Oracle E-Business SuiteOOW15 - Getting Optimal Performance from Oracle E-Business Suite
OOW15 - Getting Optimal Performance from Oracle E-Business Suite
vasuballa
 
Getting optimal performance from oracle e-business suite presentation
Getting optimal performance from oracle e-business suite presentationGetting optimal performance from oracle e-business suite presentation
Getting optimal performance from oracle e-business suite presentation
Berry Clemens
 
Getting optimal performance from oracle e business suite(aioug aug2015)
Getting optimal performance from oracle e business suite(aioug aug2015)Getting optimal performance from oracle e business suite(aioug aug2015)
Getting optimal performance from oracle e business suite(aioug aug2015)
pasalapudi123
 
Ebs upgrade-to-12.2 technical-upgrade_best_practices(aioug-aug2015)
Ebs upgrade-to-12.2 technical-upgrade_best_practices(aioug-aug2015)Ebs upgrade-to-12.2 technical-upgrade_best_practices(aioug-aug2015)
Ebs upgrade-to-12.2 technical-upgrade_best_practices(aioug-aug2015)
pasalapudi123
 
Oracle EM12c Release 4 New Features!
Oracle EM12c Release 4 New Features!Oracle EM12c Release 4 New Features!
Oracle EM12c Release 4 New Features!
Kellyn Pot'Vin-Gorman
 
Managing Oracle Solaris Systems with Puppet
Managing Oracle Solaris Systems with PuppetManaging Oracle Solaris Systems with Puppet
Managing Oracle Solaris Systems with Puppet
glynnfoster
 
Adop and maintenance task presentation 151015
Adop and maintenance task presentation 151015Adop and maintenance task presentation 151015
Adop and maintenance task presentation 151015
andreas kuncoro
 
Database Upgrades Automation using Enterprise Manager 12c
Database Upgrades Automation using Enterprise Manager 12cDatabase Upgrades Automation using Enterprise Manager 12c
Database Upgrades Automation using Enterprise Manager 12c
Hari Srinivasan
 
OOW16 - Oracle Enterprise Manager 13c Cloud Control for Managing Oracle E-Bus...
OOW16 - Oracle Enterprise Manager 13c Cloud Control for Managing Oracle E-Bus...OOW16 - Oracle Enterprise Manager 13c Cloud Control for Managing Oracle E-Bus...
OOW16 - Oracle Enterprise Manager 13c Cloud Control for Managing Oracle E-Bus...
vasuballa
 
Oracle cmg15
Oracle cmg15Oracle cmg15
Oracle cmg15
Kellyn Pot'Vin-Gorman
 
Oracle Enterprise Manager Cloud Control 13c for DBAs
Oracle Enterprise Manager Cloud Control 13c for DBAsOracle Enterprise Manager Cloud Control 13c for DBAs
Oracle Enterprise Manager Cloud Control 13c for DBAs
Gokhan Atil
 
Updated Power of the AWR Warehouse, Dallas, HQ, etc.
Updated Power of the AWR Warehouse, Dallas, HQ, etc.Updated Power of the AWR Warehouse, Dallas, HQ, etc.
Updated Power of the AWR Warehouse, Dallas, HQ, etc.
Kellyn Pot'Vin-Gorman
 
Ebs12.2 online patching(aioug_aug2015)
Ebs12.2 online patching(aioug_aug2015)Ebs12.2 online patching(aioug_aug2015)
Ebs12.2 online patching(aioug_aug2015)
pasalapudi123
 
IOUG Collaborate 2014 ASH/AWR Deep Dive
IOUG Collaborate 2014 ASH/AWR Deep DiveIOUG Collaborate 2014 ASH/AWR Deep Dive
IOUG Collaborate 2014 ASH/AWR Deep Dive
Kellyn Pot'Vin-Gorman
 
Oak Table Collaborate Snapclone Talk
Oak Table Collaborate Snapclone TalkOak Table Collaborate Snapclone Talk
Oak Table Collaborate Snapclone Talk
Kellyn Pot'Vin-Gorman
 

Más contenido relacionado

La actualidad más candente

Oracle - Enterprise Manager 12c Overview
Oracle - Enterprise Manager 12c OverviewOracle - Enterprise Manager 12c Overview
Oracle - Enterprise Manager 12c Overview
Fred Sim
 
Oracle Fusion Middleware Infrastructure Best Practices
Oracle Fusion Middleware Infrastructure Best PracticesOracle Fusion Middleware Infrastructure Best Practices
Oracle Fusion Middleware Infrastructure Best Practices
Revelation Technologies
 
Getting optimal performance from oracle e business suite(aioug aug2015)
Getting optimal performance from oracle e business suite(aioug aug2015)Getting optimal performance from oracle e business suite(aioug aug2015)
Getting optimal performance from oracle e business suite(aioug aug2015)
pasalapudi123
 

La actualidad más candente (20)

Enterprise manager 13c
Enterprise manager 13cEnterprise manager 13c
Enterprise manager 13c
 
Oracle - Enterprise Manager 12c Overview
Oracle - Enterprise Manager 12c OverviewOracle - Enterprise Manager 12c Overview
Oracle - Enterprise Manager 12c Overview
 
Optimizing the Enterprise Manager 12c
Optimizing the Enterprise Manager 12cOptimizing the Enterprise Manager 12c
Optimizing the Enterprise Manager 12c
 
AWR, ASH with EM13 at HotSos 2016
AWR, ASH with EM13 at HotSos 2016AWR, ASH with EM13 at HotSos 2016
AWR, ASH with EM13 at HotSos 2016
 
Dmz aa aioug
Dmz aa aiougDmz aa aioug
Dmz aa aioug
 
Oracle Fusion Middleware Infrastructure Best Practices
Oracle Fusion Middleware Infrastructure Best PracticesOracle Fusion Middleware Infrastructure Best Practices
Oracle Fusion Middleware Infrastructure Best Practices
 
Oracle Database Cloud Fleet Maintenance
Oracle Database Cloud Fleet MaintenanceOracle Database Cloud Fleet Maintenance
Oracle Database Cloud Fleet Maintenance
 
OOW15 - Getting Optimal Performance from Oracle E-Business Suite
OOW15 - Getting Optimal Performance from Oracle E-Business SuiteOOW15 - Getting Optimal Performance from Oracle E-Business Suite
OOW15 - Getting Optimal Performance from Oracle E-Business Suite
 
Getting optimal performance from oracle e-business suite presentation
Getting optimal performance from oracle e-business suite presentationGetting optimal performance from oracle e-business suite presentation
Getting optimal performance from oracle e-business suite presentation
 
Getting optimal performance from oracle e business suite(aioug aug2015)
Getting optimal performance from oracle e business suite(aioug aug2015)Getting optimal performance from oracle e business suite(aioug aug2015)
Getting optimal performance from oracle e business suite(aioug aug2015)
 
Ebs upgrade-to-12.2 technical-upgrade_best_practices(aioug-aug2015)
Ebs upgrade-to-12.2 technical-upgrade_best_practices(aioug-aug2015)Ebs upgrade-to-12.2 technical-upgrade_best_practices(aioug-aug2015)
Ebs upgrade-to-12.2 technical-upgrade_best_practices(aioug-aug2015)
 
Oracle EM12c Release 4 New Features!
Oracle EM12c Release 4 New Features!Oracle EM12c Release 4 New Features!
Oracle EM12c Release 4 New Features!
 
Managing Oracle Solaris Systems with Puppet
Managing Oracle Solaris Systems with PuppetManaging Oracle Solaris Systems with Puppet
Managing Oracle Solaris Systems with Puppet
 
Adop and maintenance task presentation 151015
Adop and maintenance task presentation 151015Adop and maintenance task presentation 151015
Adop and maintenance task presentation 151015
 
Database Upgrades Automation using Enterprise Manager 12c
Database Upgrades Automation using Enterprise Manager 12cDatabase Upgrades Automation using Enterprise Manager 12c
Database Upgrades Automation using Enterprise Manager 12c
 
OOW16 - Oracle Enterprise Manager 13c Cloud Control for Managing Oracle E-Bus...
OOW16 - Oracle Enterprise Manager 13c Cloud Control for Managing Oracle E-Bus...OOW16 - Oracle Enterprise Manager 13c Cloud Control for Managing Oracle E-Bus...
OOW16 - Oracle Enterprise Manager 13c Cloud Control for Managing Oracle E-Bus...
 
Oracle cmg15
Oracle cmg15Oracle cmg15
Oracle cmg15
 
Oracle Enterprise Manager Cloud Control 13c for DBAs
Oracle Enterprise Manager Cloud Control 13c for DBAsOracle Enterprise Manager Cloud Control 13c for DBAs
Oracle Enterprise Manager Cloud Control 13c for DBAs
 
Updated Power of the AWR Warehouse, Dallas, HQ, etc.
Updated Power of the AWR Warehouse, Dallas, HQ, etc.Updated Power of the AWR Warehouse, Dallas, HQ, etc.
Updated Power of the AWR Warehouse, Dallas, HQ, etc.
 
Ebs12.2 online patching(aioug_aug2015)
Ebs12.2 online patching(aioug_aug2015)Ebs12.2 online patching(aioug_aug2015)
Ebs12.2 online patching(aioug_aug2015)
 

Similar a IOUG Collaborate 2014 Auditing/Security in EM12c

IOUG Collaborate 2014 ASH/AWR Deep Dive
IOUG Collaborate 2014 ASH/AWR Deep DiveIOUG Collaborate 2014 ASH/AWR Deep Dive
IOUG Collaborate 2014 ASH/AWR Deep Dive
Kellyn Pot'Vin-Gorman
 
Oak Table Collaborate Snapclone Talk
Oak Table Collaborate Snapclone TalkOak Table Collaborate Snapclone Talk
Oak Table Collaborate Snapclone Talk
Kellyn Pot'Vin-Gorman
 
IOUG Collaborate 2014 Mastering EM12c Monitoring
IOUG Collaborate 2014 Mastering EM12c MonitoringIOUG Collaborate 2014 Mastering EM12c Monitoring
IOUG Collaborate 2014 Mastering EM12c Monitoring
Kellyn Pot'Vin-Gorman
 
IOUG Collaborate 2014 DBaaS in a DBAs World
IOUG Collaborate 2014 DBaaS in a DBAs WorldIOUG Collaborate 2014 DBaaS in a DBAs World
IOUG Collaborate 2014 DBaaS in a DBAs World
Kellyn Pot'Vin-Gorman
 
Con3928 horton session con3928 fusion app on-premise installation lessons lea...
Con3928 horton session con3928 fusion app on-premise installation lessons lea...Con3928 horton session con3928 fusion app on-premise installation lessons lea...
Con3928 horton session con3928 fusion app on-premise installation lessons lea...
Berry Clemens
 
Con8442 fusion functional setup manager
Con8442 fusion functional setup managerCon8442 fusion functional setup manager
Con8442 fusion functional setup manager
Berry Clemens
 
From Nice to Have to Mission Critical: MySQL Enterprise Edition
From Nice to Have to Mission Critical: MySQL Enterprise EditionFrom Nice to Have to Mission Critical: MySQL Enterprise Edition
From Nice to Have to Mission Critical: MySQL Enterprise Edition
郁萍 王
 
C4 delivering database as a service within your organization
C4 delivering database as a service within your organizationC4 delivering database as a service within your organization
C4 delivering database as a service within your organization
Dr. Wilfred Lin (Ph.D.)
 

Similar a IOUG Collaborate 2014 Auditing/Security in EM12c (20)

IOUG Collaborate 2014 ASH/AWR Deep Dive
IOUG Collaborate 2014 ASH/AWR Deep DiveIOUG Collaborate 2014 ASH/AWR Deep Dive
IOUG Collaborate 2014 ASH/AWR Deep Dive
 
Oak Table Collaborate Snapclone Talk
Oak Table Collaborate Snapclone TalkOak Table Collaborate Snapclone Talk
Oak Table Collaborate Snapclone Talk
 
IOUG Collaborate 2014 Mastering EM12c Monitoring
IOUG Collaborate 2014 Mastering EM12c MonitoringIOUG Collaborate 2014 Mastering EM12c Monitoring
IOUG Collaborate 2014 Mastering EM12c Monitoring
 
Architecture performance and tips and tricks for instantis enterprise track 8...
Architecture performance and tips and tricks for instantis enterprise track 8...Architecture performance and tips and tricks for instantis enterprise track 8...
Architecture performance and tips and tricks for instantis enterprise track 8...
 
Apouc 2014-learn-from-oracle-support
Apouc 2014-learn-from-oracle-supportApouc 2014-learn-from-oracle-support
Apouc 2014-learn-from-oracle-support
 
IOUG Collaborate 2014 DBaaS in a DBAs World
IOUG Collaborate 2014 DBaaS in a DBAs WorldIOUG Collaborate 2014 DBaaS in a DBAs World
IOUG Collaborate 2014 DBaaS in a DBAs World
 
Con3928 horton session con3928 fusion app on-premise installation lessons lea...
Con3928 horton session con3928 fusion app on-premise installation lessons lea...Con3928 horton session con3928 fusion app on-premise installation lessons lea...
Con3928 horton session con3928 fusion app on-premise installation lessons lea...
 
Securing data in Oracle Database 12c - 2015
Securing data in Oracle Database 12c - 2015Securing data in Oracle Database 12c - 2015
Securing data in Oracle Database 12c - 2015
 
Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdfPpt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdf
 
206610 instantis for the enterprise
206610 instantis for the enterprise206610 instantis for the enterprise
206610 instantis for the enterprise
 
Security Inside Out: Latest Innovations in Oracle Database 12c
Security Inside Out: Latest Innovations in Oracle Database 12cSecurity Inside Out: Latest Innovations in Oracle Database 12c
Security Inside Out: Latest Innovations in Oracle Database 12c
 
Oracle BPM Adaptive Case Management 2014
Oracle BPM Adaptive Case Management 2014Oracle BPM Adaptive Case Management 2014
Oracle BPM Adaptive Case Management 2014
 
Con8442 fusion functional setup manager
Con8442 fusion functional setup managerCon8442 fusion functional setup manager
Con8442 fusion functional setup manager
 
MySQL Enterprise Monitor
MySQL Enterprise MonitorMySQL Enterprise Monitor
MySQL Enterprise Monitor
 
Understanding the Patching Process
Understanding the Patching ProcessUnderstanding the Patching Process
Understanding the Patching Process
 
The 4Ps of Multichannel Marketing in Life Sciences
The 4Ps of Multichannel Marketing in Life SciencesThe 4Ps of Multichannel Marketing in Life Sciences
The 4Ps of Multichannel Marketing in Life Sciences
 
From Nice to Have to Mission Critical: MySQL Enterprise Edition
From Nice to Have to Mission Critical: MySQL Enterprise EditionFrom Nice to Have to Mission Critical: MySQL Enterprise Edition
From Nice to Have to Mission Critical: MySQL Enterprise Edition
 
Developing Applications with MySQL and Java
Developing Applications with MySQL and JavaDeveloping Applications with MySQL and Java
Developing Applications with MySQL and Java
 
C4 delivering database as a service within your organization
C4 delivering database as a service within your organizationC4 delivering database as a service within your organization
C4 delivering database as a service within your organization
 
Oracle databáze - zkonsolidovat, ochránit a ještě ušetřit! (2. část)
Oracle databáze - zkonsolidovat, ochránit a ještě ušetřit! (2. část)Oracle databáze - zkonsolidovat, ochránit a ještě ušetřit! (2. část)
Oracle databáze - zkonsolidovat, ochránit a ještě ušetřit! (2. část)
 

Más de Kellyn Pot'Vin-Gorman

Más de Kellyn Pot'Vin-Gorman (20)

Redgate_summit_atl_kgorman_intersection.pptx
Redgate_summit_atl_kgorman_intersection.pptxRedgate_summit_atl_kgorman_intersection.pptx
Redgate_summit_atl_kgorman_intersection.pptx
 
SQLSatOregon_kgorman_keynote_NIAIMLEC.pptx
SQLSatOregon_kgorman_keynote_NIAIMLEC.pptxSQLSatOregon_kgorman_keynote_NIAIMLEC.pptx
SQLSatOregon_kgorman_keynote_NIAIMLEC.pptx
 
Boston_sql_kegorman_highIO.pptx
Boston_sql_kegorman_highIO.pptxBoston_sql_kegorman_highIO.pptx
Boston_sql_kegorman_highIO.pptx
 
Oracle on Azure IaaS 2023 Update
Oracle on Azure IaaS 2023 UpdateOracle on Azure IaaS 2023 Update
Oracle on Azure IaaS 2023 Update
 
IaaS for DBAs in Azure
IaaS for DBAs in AzureIaaS for DBAs in Azure
IaaS for DBAs in Azure
 
Being Successful with ADHD
Being Successful with ADHDBeing Successful with ADHD
Being Successful with ADHD
 
Azure DBA with IaaS
Azure DBA with IaaSAzure DBA with IaaS
Azure DBA with IaaS
 
Turning ADHD into "Awesome Dynamic Highly Dependable"
Turning ADHD into "Awesome Dynamic Highly Dependable"Turning ADHD into "Awesome Dynamic Highly Dependable"
Turning ADHD into "Awesome Dynamic Highly Dependable"
 
PASS Summit 2020
PASS Summit 2020PASS Summit 2020
PASS Summit 2020
 
DevOps in Silos
DevOps in SilosDevOps in Silos
DevOps in Silos
 
Azure Databases with IaaS
Azure Databases with IaaSAzure Databases with IaaS
Azure Databases with IaaS
 
How to Win When Migrating to Azure
How to Win When Migrating to AzureHow to Win When Migrating to Azure
How to Win When Migrating to Azure
 
Securing Power BI Data
Securing Power BI DataSecuring Power BI Data
Securing Power BI Data
 
Cepta The Future of Data with Power BI
Cepta The Future of Data with Power BICepta The Future of Data with Power BI
Cepta The Future of Data with Power BI
 
Pass Summit Linux Scripting for the Microsoft Professional
Pass Summit Linux Scripting for the Microsoft ProfessionalPass Summit Linux Scripting for the Microsoft Professional
Pass Summit Linux Scripting for the Microsoft Professional
 
Taming the shrew Power BI
Taming the shrew Power BITaming the shrew Power BI
Taming the shrew Power BI
 
PASS 24HOP Linux Scripting Tips and Tricks
PASS 24HOP Linux Scripting Tips and TricksPASS 24HOP Linux Scripting Tips and Tricks
PASS 24HOP Linux Scripting Tips and Tricks
 
Power BI with Essbase in the Oracle Cloud
Power BI with Essbase in the Oracle CloudPower BI with Essbase in the Oracle Cloud
Power BI with Essbase in the Oracle Cloud
 
ODTUG Leadership Talk- WIT and Sponsorship
ODTUG Leadership Talk- WIT and SponsorshipODTUG Leadership Talk- WIT and Sponsorship
ODTUG Leadership Talk- WIT and Sponsorship
 
DevOps and Decoys How to Build a Successful Microsoft DevOps Including the Data
DevOps and Decoys How to Build a Successful Microsoft DevOps Including the DataDevOps and Decoys How to Build a Successful Microsoft DevOps Including the Data
DevOps and Decoys How to Build a Successful Microsoft DevOps Including the Data
 

Último

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
 

Último (20)

GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 

IOUG Collaborate 2014 Auditing/Security in EM12c

  • 1. Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 121
  • 2. Enterprise Manager 12c and Keys to the Castle Kellyn Pot’Vin Consulting Member of Technical Team Strategic Customer Program
  • 3. Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 123 The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
  • 4. Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 124 The Importance of Securing The EM12c Environment  IT environments are now more complex and dynamic.  Financial implications and loss of goodwill coupled with stringent regulatory requirements.  Challenges due to introduction of distributed system management applications. What best practices are in place for system management products?
  • 5. Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 125 Focus on Security Groups, Roles and Auditing  Creating significant roles and then grant roles to users instead of granting privileges.  Take advantage of privilege propagation groups and systems to deter from resource demands  Treat the Repository as you would any other database. Use common sense and standard security best practices.  Enable auditing to retain information about actions in the repository and export to an external directory to retain limited information. 5
  • 6. Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 126 Do You Know Who Has the Power of the Force? SELECT grantee FROM MGMT_PRIV_GRANTS WHERE PRIV_NAME = ‘SUPER_USER’ ; 6
  • 7. Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 127 Entitlement Summary Info 7
  • 8. Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 128 Entitlement Summary 8
  • 9. Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 129 Entitlement Breakdown 9 • Also can include… • Contact info • Location and Department • Lifecycle and chargeback info • Note if user is super admin or not.
  • 10. Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1210 Roles Assigned, Part II of Entitlement Summary 10 • Each Role is displayed • Total Roles granted displayed to far right • Each Role is a link to detail info on role
  • 11. Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1211 Role Details 11
  • 12. Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1212 Roles and Privileges to Roles… :) 12
  • 13. Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1213 Entitlement Summary, Part III 13 • Assign individual targets • View any target, (different from accessing any) • Assign distinct privileges to any target
  • 14. Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1214 Auditing  Allows you to track and validate actions performed in EM12c,  By default, basic and infrastructure auditing is enabled.  Over 150 auditing options are available in Enterprise Manager.  Encompasses updates, downloads, OMS password changes and EM key copy and removals from the repository.  An enhanced page makes viewing data easy. Page can be accessed via Setup Security  Audit Data 14
  • 15. Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1215 EM CLI Auditing Commands  List of commands  Show auditing status info  Enable Auditing Settings  Update Auditing Settings  How to externalize auditing data 15
  • 16. Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1216 Inspecting Rights Internal 16
  • 17. Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1217 View Audit Settings 17
  • 18. Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1218 Enabling Audit Options  To enable audit for a subset of audited operations, please use the following EM CLI verb: >emcli update_audit_settings - audit_switch="ENABLE/DISABLE" - operations_to_enable="<insert operation name here or just say ALL>" - operations_to_disable="<insert operation name here or just say ALL>" 18
  • 19. Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1219 Updating Audit Settings  External file systems can be updated from the repository on a regular basis to externalize the service.  Tip- Ensure there is enough disk space for this operation, as log files can consume significant space. >emcli update_audit_settings - file_prefix=<file_prefix> - directory_name=<directory_name> -file_size = <file size> -data_retention_period=<period in days> 19
  • 20. Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1220 Example of audit data to external directory  We’ll retain the data in the Repository for 31 days  Data will be exported to the external directory, (dba_directories)  Each of the audit files will be prefixed with “em12c_audit”  Files will be max size of 25M each >emcli update_audit_settings - externalization_switch=ENABLE - file_prefix=em12c_audit - directory=AUD_DMP -file_size=25000000 - data_retention_period=31 20
  • 21. Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1221 Best Practices for Auditing  Plan carefully to ensure that you capture the data that you require to audit effectively.  Use and External audit service and secure the files created to retain audit data outside the repository in case of significant loss. 21
  • 22. Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1222 Connect with me-
  • 23. Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1223
  • 24. Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 1224