Enterprise Security and Compliance Features
Simplifying security compliance
Audit for security compliance
Compliance Management automates the evaluation of secure configurations and audits of Oracle Databases and underlying Linux hosts for compliance with security best practices. It enables defining, customizing, and managing compliance frameworks, standards, and rules. Additionally, it provides guidance on adjusting security controls to ensure assets remain compliant.
Exadata engineered systems compliance
Enable fleet-level automated risk management for Exadata systems across on-premises and cloud environments. Scan databases, servers, and infrastructure components for security, performance, availability, and scalability issues using out-of-the-box Autonomous Health Framework (AHF) and Oracle EXAchk security compliance standards. EXAchk native reports are integrated with Enterprise Manager for comprehensive risk assessment.
Security assessment with DBSAT
Database Security Assessment Tool (DBSAT) is integrated with Enterprise Manager’s compliance framework, enabling fleet-level automated security assessments and sensitive data discovery in Oracle Databases. Utilize out-of-the-box DBSAT security compliance standards to scan databases and leverage native reports for comprehensive findings analysis.
Manage elevated privileges
Enforce security policies with the principle of least privilege to restrict access to database components. Leverage out-of-the-box industry and regulatory security standards to gain insights into administrative privileges and audit target activities against security best practices. Define, customize, and manage compliance frameworks, standards, and rules to maintain security posture. Additionally, compliance management provides guidance on configuration changes needed to ensure continuous compliance.
Enterprise security
Security configuration management
Misconfigurations expose systems to security breaches. Continuously assess, monitor, and manage configuration changes to mitigate risks. Ensure compliance by evaluating and auditing target configurations against security policies. Gain granular insights into configuration changes, such as who made them and when. Implement automated remediation to revert unauthorized changes and maintain security compliance.
Patch to secure
Fleet Maintenance is your all-in-one solution for managing updates and upgrades across Oracle Databases in hybrid and multicloud environments. It enables administrators to secure databases and grid infrastructure by efficiently applying all necessary patches. This includes maintaining Oracle Homes and associated assets with one-off patches, quarterly security patch updates, and monthly recommended patches (MRPs).
Manage configuration sprawl
Use Software Standardization Advisor to scan database configuration across all assets and generate an on-demand report of the existing environment. This helps administrators streamline database management by reducing the number of configurations they need to maintain. By standardizing configurations, it minimizes patch conflicts per database and decreases the number of merged patches required, simplifying the patching process.
Privileged access management integration
Privileged access management (PAM) solutions eliminate the need for hard-coded application credentials embedded in applications, scripts, or configuration files and allow susceptible passwords to be centrally stored, logged, and managed within the vault. This unique approach enables organizations to comply with internal and regulatory compliance requirements of periodic password replacement and monitor and audit privileged access across all systems, databases, and applications. PAM solutions help secure privileged access to critical assets, such as databases and hosts, by centrally managing account passwords and providing access rules for privileged and non-privileged accounts to control who can use those accounts to log on to your assets. Integrating PAM solutions, such as CyberArk and HashiCorp, with Enterprise Manager credential framework sets organizations on the right track to fully manage their privileged accounts for databases, hosts, or applications in a manner compliant with their security and compliance policies.
Enterprise Manager platform
Rapid Platform Update
Rapid Platform Update (RPU) is a patching framework that enables users to apply Enterprise Manager rapid updates on Oracle Management Service (OMS) while it is up and running. The RPU patching capability gives Enterprise Manager administrators the flexibility to bring down the OMS whenever they need to finish the patching activity during peak or non-peak hours. Given that this takes very minimal downtime, the maintenance window is also expected to be low. RPU uses the OMSPatcher utility to patch the OMS to minimize or eliminate downtime and utilizes Oracle Database Edition-Based Redefinition (EBR) technology to update the database component of an application in a separate “edition” while it is in use. During the patching process, the OMSPatcher creates a new edition for applying the SQL change inside the repository database. Changes to the repository are performed on the new edition that is created by the patching and later rolled over into the actual repository database during the planned downtime.
Enterprise Manager High Availability
Enterprise Manager High Availability offers a comprehensive solution that ensures uninterrupted monitoring and management across four distinct high availability levels. Designed to withstand disruptions and planned maintenance, this robust system delivers continuous availability, real-time monitoring, and rapid issue resolution for optimal performance. Failover mechanisms provide seamless transitions between primary and standby systems, minimizing downtime and sustaining critical operations. With resilience during planned maintenance, organizations can meet service level agreements (SLAs) with reduced downtime. The solution's scalability and flexibility cater to evolving IT needs, offering centralized control for efficient governance. Elevate your IT management with Enterprise Manager High Availability, where continuous operational continuity meets the specific demands of four high availability levels, ensuring a resilient and responsive IT environment.