Enterprise Manager Integration - Oracle 11g

Oracle from release to release continues to strengthen its graphical user interfaces (GUIs) for database management and configuration.This continues to be the case with Oracle Database 11g relative to security setup,management,and configuration.

Transparent Data Encryption with Enterprise Manager Database Console

You can create encryption keys and control security using the Oracle Enterprise Manager Database Console.One of the enhancements made in Oracle Database 11g is the integration of the wallet creation with Enterprise Manager Database Console.To enable TDE,the navigation path is Server -->Security (Transparent Data Encryption).

The new TDE setup screen looks like the screen displayed in Figure

TDE setup

TDE setup

All you have to do is determine what you want your password to be.Once you create the wallet,you can proceed to other security-related options such as creating an encrypted tablespace.If you click the Advanced Option button,you will have the option to rekey the master key.You might want to do this is if you think your master key has been compromised.

You can revisit the screen in Figure after each database bounce to open the wallet.By providing the master key password for the database,you are able to open the wallet.

Tablespace Encryption with Database Console

Earlier in this chapter,we demonstrated how to set up tablespace encryption using the conventional SQL syntax.All of the tablespace encryption features are also configurable using Database Console.You can navigate to the table space setup screen within Database Console by selecting Server --> Storage (Tablespaces) --> Create.

You will see the new encryption options provided,as shown in Figure

Tablespace setup

Tablespace setup

After you provide the tablespace name and add the specifics for the data file(s), you can click Encryption Options and see the encryption algorithms provided by Oracle.Figure shows all the encryption options you can set for the tablespace with Database Console.

Encryption algorithms

Encryption algorithms

A nice feature that Database Console added is the automatic detection of Oracle Wallet. Although you are attempting to create an encrypted tablespace using Database Console,if Oracle detects that a wallet is not open,Oracle will ask you whether you want to enable TDE, as depicted in Figure

Oracle Wallet detection

Oracle Wallet detection

Finally, before you finalize on the creation of your new tablespace, you can review the SQL syntax and confirm that it is as expected.The SQL syntax for the docs_d_e tablespace looks like Figure

Reviewing the SQL syntax

Reviewing the SQL syntax

Oracle’s direction is to provide more and more SQL validation screens in their Database Console and Grid Control products.This allows seasoned veterans to review SQL syntax and provides great learning opportunities for new DBAs.

Policy Trend Overview

Enterprise Manager Database Console provides a new screen to display secur ity compliance of your database.Your database is scored against a set of best-practice guidelines established by Oracle. You can navigate to the Policy Trend Overview screen from the main Enterprise Manager Database Console page. Look out for the link next to the Compliance Score (%) in the Policy Violations section.The Policy Trend Overview screen looks like Figure

Security Policy Trend Overview screen

Security Policy Trend Overview screen

Additional Security Management Integration in Database Console

Oracle Enterprise Manager Database Console replaces the Policy Manager Java console.Although the Policy Manager tool remains available, you can administer the Oracle label security,application contexts,and virtual private database using the Enterprise Manager Database Console.The URLs to maintain Virtual Private Databases, Oracle Label Security,and application contexts are available by navigating to Database Console and selecting Server --> Security.

Enterprise Manager Database Console also replaces the Enterprise User Security management.You must modify the ldap.ora file before modifying the menu options for Enterprise User Security become available. The Enterprise Manager Security tool is still available.


All rights reserved © 2018 Wisdom IT Services India Pvt. Ltd DMCA.com Protection Status

Oracle 11g Topics