Policies
Policies are sets of rules and actions applied in real time to the database traffic
observed by a Guardium system. Policies define which traffic is ignored or logged, which activities
require more granular logging, and which activities should trigger an alert or block access to the
database.
Understanding policies
A security policy contains an ordered set of rules to be applied to the observed traffic between database clients and servers. Each rule can apply to a request from a client, or to a response from a server. Multiple policies can be defined and multiple policies can be installed on a Guardium appliance at the same time.
Session-level policies
Session-level policies and advanced session-level policies create new possibilities for detecting suspicious behavior of users of services as well as security incidents. Session-level policies are created using the Policy Builder for Data , and advanced session level policies are created as scripts using the SR language and uploaded to Guardium using the Policy Builder for Data .
Policy rule actions
Define blocking, alerting, or logging actions to take when policy rules are matched.
Creating and installing a policy and policy rules
Use the Policy Builder for Data to manage policies and policy rules.
Tagging policy rules
Guardium provides predefined policy rule tags and supports custom tagging of rules. Use tags to quickly create and manage policies aligned with specific compliance standards, reporting and auditing requirements, or geographies.
Using the Policy Installation tool
Learn how to install a policy on your Guardium system.
Running policy analyzer and reviewing results
Policy analyzer provides insights that help identify frequently fired rules, optimize rule order, and evaluate rule changes.
Security incident policies
Guardium® provides several session level policy templates that encapsulate security problems that are frequently found at run time.