Professional Documents
Culture Documents
Webcast - Secure Database Configurations and Meet CIS Benchmark Standards
Webcast - Secure Database Configurations and Meet CIS Benchmark Standards
Webcast - Secure Database Configurations and Meet CIS Benchmark Standards
The following is intended to outline our general product direction. It is intended for information
purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any
material, code, or functionality, and should not be relied upon in making purchasing decisions. The
development, release, timing, and pricing of any features or functionality described for Oracle’s
products may change and remains at the sole discretion of Oracle Corporation.
2
Copyright © 2020, Oracle and/or its affiliates |
Best Practices For Security Compliance Using Enterprise Manager
We have worked with many companies to help secure database assets and ensure compliance with
security policies, and have compiled these steps for on-going compliance.
• Setup security standard for your Oracle Database parameters to enforce your security policy
• Continuous monitoring and reporting of security violations for your Oracle Database environment
3
Copyright © 2020, Oracle and/or its affiliates |
Agenda
4
Copyright © 2020, Oracle and/or its affiliates |
Monitoring, Management and Control for Oracle Database and
Engineered Systems: Enterprise Manager
Comprehensive management
for Oracle Database and
Oracle Engineered Systems
Centralized control of
integrated diagnostic, tuning
and lifecycle activities
5
Copyright © 2020, Oracle and/or its affiliates |
Database Lifecycle Management Pack Overview
Configure
6 Copyright © 2020, Oracle and/or its affiliates. All rights reserved.
Today’s Security Challenges
7
Copyright © 2020, Oracle and/or its affiliates |
Security Compliance Demands
How do I know databases are Am I meeting my LOB compliance What violations do I need to
Complaint with Security policy? SLAs for Finance and HR specific remediate at this moment?
database instances?
Is the compliance posture Current security posture of What vulnerability do I fix next
sufficiently improving? database instances? based on prioritization & risk
level?
What do I need to do to fix Are my resources deployed
SLAs Violations? effectively to ensure How do I remediate violations?
compliance?
8
Copyright © 2020, Oracle and/or its affiliates |
Security Compliance Management with Enterprise Manager
Continuous Security
Compliance At Scale Automated Ready to use
Management Remediation Standards
9
Copyright © 2020, Oracle and/or its affiliates |
Ready to Use Compliance Security Standards
11
500+ Individual Compliance Rules
Copyright © 2020, Oracle and/or its affiliates |
CIS Benchmark Standards for Oracle Database 12c
13
Copyright © 2020, Oracle and/or its affiliates |
User Access and Authorization Restrictions
14
Copyright © 2020, Oracle and/or its affiliates
Auditing
15
Copyright © 2020, Oracle and/or its affiliates |
Automated Database Security Assessment with CIS Benchmark
Oracle 12c Database CIS v2.1.0 Oracle 12c Database CIS v2.1.0
DBA is required to assess 12c database for Oracle Cluster Database for Oracle Database
targets against CIS Benchmarks
• Select CIS Benchmark Standard for Cluster or
Single Instance
• Review CIS rule definition for each category
• Modify rule definition using SQL Query
provided, if required
• Associate Single Instance targets to Standard
• Compliance check is initiated once association
is confirmed
• Reviews results and violations
• Remediate violations or suppress for a given
duration
16
Copyright © 2020, Oracle and/or its affiliates |
Continuous Compliance Auditing
17
Copyright © 2020, Oracle and/or its affiliates |
Demo: Secure Oracle Database with CIS Benchmark
18
Copyright © 2020, Oracle and/or its affiliates |
19
What Questions
Blog: Enterprise Manager CIS Benchmark
Certification Eases Adoption of Secure
Database Best Practices
Do You Have?
https://blogs.oracle.com/oem/enterprise
Visit us online -manager-cis-benchmark-certification-
http://www.oracle.com/manageability eases-adoption-of-secure-database-
blogs.oracle.com/oem best-practices-v2
youtube.com/OracleEnterpriseMgr
twitter.com/Oracle_Mgmt
https://www.oracle.com/corporate/events/enterprise-
manager-webcast-series.html
• Comprehensive Lifecycle
Automation and Control
22 Copyright © 2020,
Copyright © 2019, Oracle
Oracle and/orand/or its All
its affiliates. affiliates. All rights reserved.
rights reserved.
Thank you
23
Copyright © 2020, Oracle and/or its affiliates |