Search Imperva Community for
We are running Imperva 13.6 Oracle agent with <enable-oracle-aso>true</enable-oracle-aso> set.
Now, we assume that there is some Oracle connection that have Oracle Native Network Encryption disabled and still managed to connect to the database. We want to detect and alert such connections. Is this possible please?
Thanks and Regards,
Database Security Specialist
Cyber Security , Cyber Protection & Design, Cyber Protective Service - DBAM
If the connection to your database is encrypted, you need to take additional action to decrypt traffic, otherwise SecureSphere will be unable to see data.
SecureSphere supports the following types of database connection encryption :
ASO (NDE – Diffie Hellman) - Oracle only
Oracle Advanced Security is an encryption protocol similar to SSL. ASO is currently supported on specific platforms including some RedHat and OEL-UEK platforms.
To configure support for ASO in SecureSphere:
If you are using ASO to encrypt your database connection, you must enable both ASO and EIK via the specific agent's Advanced Configuration pane in SecureSphere.
First, to identify if your database is configured for ASO encryption, on the database server open the file sqlnet.ora, then search for the string "ENCRYPTION_SERVER" or "ASO". If neither of these strings is found, then NDS (ASO) is not configured.
or Contact Us
Copyright @ 2019 Imperva. All rights reserved