Policies

Policies are sets of rules and actions applied in real time to the data source traffic observed by Guardium® Insights SaaS. Policies define which traffic is ignored or logged, which activities require more granular logging, and which activities should trigger an alert.

Note:

Essentials In the Essentials edition, policies and rule actions are created and installed automatically when you set up your data compliance program. Users receive email notifications when these policy rules are triggered.

Standard Premium The Standard and Premium editions include all the features of the Essentials edition. In addition, the Standard and Premium edition users can create custom policies or policies from a template. You can also modify its name and its rules.

Policy

A security policy contains an ordered set of rules to be applied to the observed traffic between database clients and servers. Multiple policies can be defined in Guardium Insights SaaS at the same time.

Policy rule
Each rule in a policy defines a conditional action and can apply to a request from a client, or to a response from a server. The condition tested can be a simple test - for example it might check for any access from a client IP address that does not belong to an Authorized Client IPs group. Or the condition tested can be a complex test that considers multiple message and session attributes (database user, source program, command type, time of day, etc.), and it can be sensitive to the number of times the condition is met within a specified time frame.
Rule action
Rule actions are actions that are triggered when a policy is violated. For more information about rule actions, see Policy rule actions.

To open the Policies page, select Policies in the main menu. Open this menu by clicking the main menu icon (main menu)) When you first open the page, you will see all existing policies (active and inactive).

Important: If you have policy rules that use groups as rule conditions, modifying the groups by adding or removing members will result in reactivation of group members.