Imperva Cyber Community

Expand all | Collapse all

MX-HA Hardening Configuration

  • 1.  MX-HA Hardening Configuration

    Posted 09-01-2020 18:49
    Hi team

    I have a question/ problem, im trying to implement an MX-HA configuration between 2 MX, i have no problems until i get to the hardening communication between both.

    It shows this error: "SSH must be configured for both 'root' and 'oracle' on both servers"

    i type on the secondary MX this command: impctl hardening config --root-source-ip-exception="source ip address" as require the primary MX and it shows a status OK on the opening of SSH session between them.

    im my lab i check and add the same to root (as it required), also to system that is the DB user also i try to add secure user but any user works, also i was checking the admin guide on version 13.0 and 13.5 but there is no info about securing and hardening oracle user on MX-HA configuration?

    Do you have any idea on this info and which specific user i have to provide access?
    #DatabaseActivityMonitoring

    ------------------------------
    Jose Bolanos
    SISAP
    ------------------------------


  • 2.  RE: MX-HA Hardening Configuration

    Imperva Employee
    Posted 09-03-2020 14:44
    Hi,

    My understanding is all that all is required is to set up SSH trust for both the oracle and root users.  But, you do have to add the exception for root.

    - BA

    ------------------------------
    Brian Anderson
    ------------------------------