Policies

Policies are sets of rules and actions applied in real time to the data source traffic observed by Guardium® Data Security Center. Policies define which traffic is ignored or logged, which activities require more granular logging, and which activities should trigger an alert.

Note: Data Compliance DDR Users of the Data Compliance and DDR modules can create custom policies or policies from a template. You can also modify its name and its rules.
Policy

A security policy contains an ordered set of rules to be applied to the observed traffic between database clients and servers. Multiple policies can be defined in Guardium Data Security Center at the same time.

Policy rule
Each rule in a policy defines a conditional action and can apply to a request from a client, or to a response from a server. The condition tested can be a simple test - for example it might check for any access from a client IP address that does not belong to an Authorized Client IPs group. Or the condition tested can be a complex test that considers multiple message and session attributes (database user, source program, command type, time of day, etc.), and it can be sensitive to the number of times the condition is met within a specified time frame.
Rule action
Rule actions are actions that are triggered when a policy is violated. For more information about rule actions, see Policy rule actions.

To open the Policies page, select Configurations > Actions > Policies in the main menu. Open this menu by clicking the main menu icon (main menu). When you first open the page, you will see all existing policies (active and inactive).

Important: If you have policy rules that use groups as rule conditions, modifying the groups by adding or removing members will result in reactivation of group members.