Search

OakieTags

Who's online

There are currently 0 users and 44 guests online.

Recent comments

STIG

Associating Oracle Database 12c Databases with Compliance Standards

In my last post, I walked you through the first part of installing the Oracle Database 12c STIG compliance standards sample code. The next step to using these compliance standards is to associate your Oracle Database 12c databases with these standards. You may recall there are two separate standards in the sample code, one for multitenant databases and the other for conventional architecture databases. The process of associating the databases is the same in each case. You simply have to choose the compliance standard that matches your architecture. In this walkthrough, I will show you how to associate a multitenant database with the “Oracle 12c PDB STIG” compliance standard.

The first step is to go to the “Compliance Standards” tab on the “Compliance Framework” page. To access this, follow the menu path “Enterprise” -> “Compliance” -> “Library”:

Installing the Oracle Database 12c STIG Compliance Standard Sample Code

In a recent post, I announced the release of some sample code that created two new compliance standards for DISA’s Oracle Database 12c Security Technical Implementation Guide. The sample code includes details on how to install the compliance standards, but I wanted to walk you through an example of installing it with screenshots and more commentary than is in the sample code. So let’s start off with some of the assumptions you need to be aware of.

Sample Code Prerequisite Assumptions

As I mentioned in the post announcing the sample code, there are some inbuilt assumptions when using this sample code:

Oracle Database 12c STIG Compliance Standard sample code is here!

One of the most requested features in the compliance management area has been a compliance standard for Oracle Database 12c. As most of you would know, Oracle Database 12c has been out for quite some time, and indeed Larry Ellison has just announced at OOW2016 availability of Oracle Database 12cR2 in Oracle’s public cloud offering. However, as I discussed in another post earlier this year, creating a new STIG compliance standard is not a simple matter. In fact, we are still working on integrating the DISA Oracle Database 12c compliance standard into Enterprise Manager Cloud Control 13c.

What’s Involved in a New STIG Release?

This blog post was prompted by a comment on my website by Chris Peterson, where he asked why the 11g STIG checklist doesn’t work against Oracle Database 12c.  This required a more comprehensive answer than I could give in a simple comment, so that’s what this blog post is all about.  Let’s start off with a bit of an introduction for those of you that are asking, “What the heck is a STIG anyway?” </p />
</p></div>

    	  	<div class=

Enterprise Manager STIG Compliance Standards for Oracle Database 11gR2

This is the second of the two posts I wanted to copy from Dave Wolf’s web site. As I mentioned in the first of these two posts, Dave is a colleague of mine who used to own the DBLM area as far as the Enterprise Manager product management team is concerned. However, he has moved to another area in Oracle and I have inherited his responsibilities for change management, compliance management and configuration management, so I want to make sure this material remains available. This post was originally written in April, 2015, and relates to the STIG compliance standards for Oracle Database 11gR2. I’ll be updating this material with another blog in the next month or so with information on the latest STIG compliance standards, so stayed tuned for that! But here’s Dave’s earlier post: