Imperva Cyber Community

communities_1.jpg
 View Only
  • 1.  Configuring a Database/Schema to Application Mapping

    Posted 09-17-2020 08:16
    Hi Community,

    I am looking for a working guide for Configuring a Database/Schema to Application Mapping. The official Data security guide is not much help. I have created a DB application and applied an Application DB Audit all. But i cant seem to get the Application DB audit all to work. However, if i apply the same DB Audit All at Service Level, it works. 

    Thank you.
    #DatabaseActivityMonitoring

    ------------------------------
    LEE HOUREN
    DMX PACKET SDN BHD
    KUALA LUMPUR
    ------------------------------


  • 2.  RE: Configuring a Database/Schema to Application Mapping
    Best Answer

    Posted 09-17-2020 08:27
    HI
    Once you create an application under a service, along side the default application, at the service level, goto the applications tab, then add an entry to map the database/schema to the application you created. 

    then you can create a db application level policy, the applications created under the service level will be available on the apply to tab

    thanks


    ------------------------------
    Trevor Jackson
    ------------------------------



  • 3.  RE: Configuring a Database/Schema to Application Mapping

    Posted 09-18-2020 07:49

    Hi Trevor,

     

    My password to the online page not working.

     

    I have a question related this thread.

     

    Our site is running Oracle Partitioned database. There are hundreds of Oracle service living in one database across multiple nodes. How can we design the application/schema mapping effectively. Currently, I am creating the mapping on policy level manually and is vey tedious.

     

    Thanks and Regards,

    Dom

     

    Database Security Specialist

    Cyber Security , Cyber Protection & Design, Cyber Protective Service - DBAM

     

    Level 19, 2 Market Street Sydney NSW 2000

    Mobile +61 401 540 873
    Email    
    dominic.tsang@cba.com.au  

     






  • 4.  RE: Configuring a Database/Schema to Application Mapping

    Posted 09-18-2020 10:02
    Hi
    when you have a large volume of services or instances running on oracle clusters, i have handled this in one of two ways
    1. under server group - create multiple oracle services - then on the agent data interfaces allocate the Imperva service to the ipadddress:port, allow for a default in case new interfaces are added. 
    2. create one oracle service and then create applications and then map the database/schema to the application via the applications tab on the service level.

    if you use the application method, also look at Setup->Applications - using this will allow you to map your service level applications into an application container.

    you also have service and application level security/audit policies:
    service level will apply to all applications under the service level
    application level will apply to the applications selected.

    the initial setup is time consuming when dealing with large oracle cluster environments - but using the application level approach gives you more flexibility a the database instance level.

    thanks
    Trevor.

    ------------------------------
    Trevor Jackson
    ------------------------------



  • 5.  RE: Configuring a Database/Schema to Application Mapping

    Posted 09-18-2020 10:31

    Thanks Trevor for getting back to me.

     

    It appears that our approach is close to  the application approach you mentioned but not exactly.

     

    Would you mind share your email so that I can post some example to you for review and recommendations ?

     

    Thanks and Regards,

    Dom

     

    Database Security Specialist

    Cyber Security , Cyber Protection & Design, Cyber Protective Service - DBAM

     

    Level 19, 2 Market Street Sydney NSW 2000

    Mobile +61 401 540 873
    Email    
    dominic.tsang@cba.com.au  

     






  • 6.  RE: Configuring a Database/Schema to Application Mapping

    Posted 09-20-2020 22:22
    Thanks Trevor,

    We have got it working now. We did not put the database name correctly when mapping to application. Once we had done that, we can see the audit events coming in. Thanks for your help.

    ------------------------------
    LEE HOUREN
    DMX PACKET SDN BHD
    KUALA LUMPUR
    ------------------------------