Imperva Cyber Community

communities_1.jpg
 View Only

  • 1.  Agent OS image

    Posted 9 days ago

    We are planning to create a golden image/template for Oracle 19C and replicate the same for different Databases. Is it possible to deploy DAM agent in VM template/Golden image? 

    Will the DAM agent work when the VM templates are used?


    #DatabaseActivityMonitoring
    #ImpervaAgent

    ------------------------------
    Charles
    ------------------------------


  • 2.  RE: Agent OS image

    Posted 9 days ago
    Edited by John Thompson 9 days ago

    Hi Charles,

    .

    The answer is, "Yes, you can."

    May I ask precisely which automation solution(s) you're using?

    .

    I ask because we have several Automation / Scripting / APIs / Apps available to help you at Imperva's GitHub.  A few of which we're particularly proud of right now include our Terraform Providers and Modules that include agent support.  I don't believe we have an Oracle-specific module ready yet, but if you're already investing in Terraform yourself, you could use an existing module as a starting point for your own internal Oracle agent deployment module.  

    If your goal is to fully automate your environment, including managing and deploying security solutions, you may also want to leverage our eDSF kit. This kit is centered around Terraform and can be used to deploy/re-deploy an entire Data Security Fabric solution in your environment(s).  Feel free to contact @Gaurav Agarwal for more details and enablement around DSF.

    .

    Having shared all of that, including an agent in your VM template/Golden image, needs to take into consideration the following:

    1. The agent may be installed but should be Un-registered when included in a golden image or template
      1. agents that are already registered and deployed as part of an image are ok for DR but will require additional steps to manage as part of a general template.
    2. After initial image deployment, the agent needs to be registered to a Gateway, or preferably a Cluster.
      1. The agent registration may be easily scripted as part of a template or after the startup step
      2. Note: many documentation and KB articles are available at Imperva's Documentation Portal to provide steps and examples for scripted automation on Windows or Linux systems
        1. Two examples you might find useful are: Syntax for Command Line Scripting of SecureSphere DAM Agents and Silent Registration Parameters 

    .

    Let us know if you have any other questions regarding DAM, DSF, or Agents.

    .

    -- JT



    ------------------------------
    John Thompson
    Director, Channel Presales
    Imperva
    San Diego CA
    ------------------------------

    Original Message