Imperva Cyber Community

Expand all | Collapse all

MX-HA Hardening Configuration

  • 1.  MX-HA Hardening Configuration

    Posted 27 days ago
    Hi team

    I have a question/ problem, im trying to implement an MX-HA configuration between 2 MX, i have no problems until i get to the hardening communication between both.

    It shows this error: "SSH must be configured for both 'root' and 'oracle' on both servers"

    i type on the secondary MX this command: impctl hardening config --root-source-ip-exception="source ip address" as require the primary MX and it shows a status OK on the opening of SSH session between them.

    im my lab i check and add the same to root (as it required), also to system that is the DB user also i try to add secure user but any user works, also i was checking the admin guide on version 13.0 and 13.5 but there is no info about securing and hardening oracle user on MX-HA configuration?

    Do you have any idea on this info and which specific user i have to provide access?
    #DatabaseActivityMonitoring

    ------------------------------
    Jose Bolanos
    SISAP
    ------------------------------


  • 2.  RE: MX-HA Hardening Configuration

    Imperva Employee
    Posted 25 days ago
    Hi,

    My understanding is all that all is required is to set up SSH trust for both the oracle and root users.  But, you do have to add the exception for root.

    - BA

    ------------------------------
    Brian Anderson
    ------------------------------