Cloud Guard Frequently Asked Questions (FAQ)

    General Questions

  • What is Oracle Cloud Guard?

    Oracle Cloud Guard helps customers maintain good security posture by detecting weak security configurations and activities that can indicate cloud security risks.

    Cloud Guard detects security problems within a customer tenancy by ingesting audit and configuration data about resources in each region, processing it based on detector rules, and correlating the problems at the reporting region. Identified problems will be used to produce dashboards and metrics and may also trigger one or more provided responders to help resolve the problem.

    Responders can mitigate, correct, and prevent security issues based on a problem.

  • How do I enable Cloud Guard?

    Cloud Guard is available by default within your Oracle Cloud Infrastructure (OCI) tenancy and can be accessed from the OCI Security console. Here are the steps for enabling Cloud Guard for the first time:

    Prerequisites: Cloud Guard is not available for free Oracle Cloud Infrastructure tenancies. Ensure that you have a paid tenancy before you attempt to enable Cloud Guard.

    For the complete set of other prerequisites, please refer to https://docs.oracle.com/en-us/iaas/cloud-guard/using/prerequisites.htm

    • From the top-level menu, go to Security -> Cloud Guard.
    • Click Enable Cloud Guard.
    • Add the required Oracle Identity and Access Management (IAM) policies by clicking Add Statements, then press Enable.
    • You should now see the Cloud Guard overview page.
    • Data collection will begin and update the contents of the page as the tenancy’s security configuration is assessed globally.

  • How much does Cloud Guard cost?

    Cloud Guard for OCI Configuration and OCI Activity is provided free of charge for supported OCI services.

  • Is Cloud Guard a regional or global service?

    Cloud Guard is implemented regionally and aggregates problems to the customer-selected reporting region to provide a global view.

  • Which regions are monitored?

    All commercial regions for the tenancy will be monitored regions. For a list of currently supported regions, see: https://docs.cloud.oracle.com/en-us/iaas/Content/General/Concepts/regions.htm

  • Can I change the reporting region?

    No, the reporting region cannot be changed. The reporting region can be chosen during Cloud Guard enablement; once assigned, this setting cannot be changed, even upon disabling and enabling Cloud Guard.

    The reporting region can only be set during Cloud Guard enablement. So, if a customer needs to change the existing reporting region, they can disable Cloud Guard and, during the re-enablement process, choose the same or a different reporting region.

    Please note that when you try to re-enable with a different reporting region, there is a wait period of approximately 20 minutes, because resources need to sync up across regions.

  • Does Cloud Guard show me any metrics that indicate my current Security Posture?

    Yes, Cloud Guard provides two key metrics, the Risk Score and the Security Score, as part of the Overview page in the Console. Security Score is a normalized value ranging from 0 to 100 that uses the number, types, and severity of problems to determine an overall assessment of the strength of security posture. Risk Score complements the Security Score by evaluating the number of total resources being monitored, the sensitivity of each resource type, and the severity of any problems related to the resources to determine the total risk exposure of a tenant. Together, these help correctly assess environments that could be “small but insecure” or “large but overall secure”.

  • What kind of compliance standards does Cloud Guard support today?

    Cloud Guard aligns with the CIS Foundations benchmark standard for OCI. Additional compliance features are expected post-GA.

  • What’s the difference between Cloud Guard and other OCI SIEM-like services and tools?

    SIEMs and Cloud Guard are complementary services. Cloud Guard provides security posture assessment and security monitoring of an OCI tenancy by ingesting audit/log data and by monitoring the configuration state of resources. Out-of-the-box (OOTB) detectors are provided and enabled by default in Cloud Guard to help detect problems with your resources. SIEM-based services ingest log data from resources and applications and provide a search/analytics engine to perform forensic investigations and potentially identify new indicators of risk or custom event discovery. Cloud Guard’s automated remediation features (Responders) can be configured and initiated by Cloud Guard, whereas for SIEM tools actions should be defined as part of the rules construct.

  • How can Cloud Guard integrate with my SecOps and incident response processes?

    Most customers want cloud security monitoring to integrate with existing processes, procedures, and people. Many InfoSec teams integrate Cloud Guard problems with their internal SIEM tools to tie Cloud Guard problems into their internal processes. These integrations may use the Cloud Guard APIs and/or existing OCI infrastructure services such as OCI Events, OCI Notifications, and OCI Functions. Cloud Guard can use Events to trigger, for example, sending problems to email, Slack, and PagerDuty as well as to custom OCI Functions. Customers can also use Events with OCI Functions to build custom integrations or responses based on their use cases.
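
The Events-to-Functions integration described above can be sketched as the parsing and routing core of a custom function. This is an added example, not Oracle's code. The event-type prefix, the `additionalDetails` keys, the use of `resourceName` as the problem name, and the routing policy are assumptions, and the sample event is constructed.

```python
import json
from typing import Optional

# Assumed names: the event-type prefix and the additionalDetails keys below
# should be confirmed against a real event from your tenancy.
CLOUD_GUARD_PREFIX = "com.oraclecloud.cloudguard."
ROUTES = {  # hypothetical routing policy, keyed by risk level
    "CRITICAL": ["pagerduty", "slack", "siem"],
    "HIGH": ["slack", "siem"],
    "MEDIUM": ["email", "siem"],
    "LOW": ["siem"],
    "MINOR": ["siem"],
}

# Constructed sample event, not captured from a real tenancy.
SAMPLE_EVENT = json.dumps({
    "eventType": "com.oraclecloud.cloudguard.problemdetected",
    "eventTime": "2024-01-01T00:00:00Z",
    "data": {
        "resourceName": "Bucket is public",
        "resourceId": "ocid1.cloudguardproblem.oc1..example",
        "additionalDetails": {"riskLevel": "CRITICAL", "status": "OPEN"},
    },
})

def normalize(raw: str) -> Optional[dict]:
    """Flatten a Cloud Guard event into a SIEM record; None for anything else."""
    try:
        event = json.loads(raw)
    except (TypeError, ValueError):
        return None
    if not isinstance(event, dict):
        return None
    event_type = event.get("eventType")
    if not isinstance(event_type, str) or not event_type.startswith(CLOUD_GUARD_PREFIX):
        return None
    data = event.get("data") if isinstance(event.get("data"), dict) else {}
    details = data.get("additionalDetails")
    details = details if isinstance(details, dict) else {}
    return {
        "action": event_type[len(CLOUD_GUARD_PREFIX):],
        "time": event.get("eventTime"),
        "problem": data.get("resourceName"),
        "problem_id": data.get("resourceId"),
        "risk": str(details.get("riskLevel", "UNKNOWN")).upper(),
        "status": str(details.get("status", "UNKNOWN")).upper(),
    }

def route(record: dict) -> list:
    """Every record goes to the SIEM; only open problems page people."""
    if record["status"] not in ("OPEN", "UNKNOWN"):
        return ["siem"]
    # An unrecognised risk level is escalated rather than silently dropped.
    return ROUTES.get(record["risk"], ROUTES["CRITICAL"])
```

Records with a missing or unrecognised risk level take the CRITICAL route, so a schema change in the event payload produces noise instead of a silent gap in alerting.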