Oracle records are used for authenticated scanning of Oracle instances. During scanning the service will authenticate to one or more Oracle instances on a single host using all the Oracle records in your account. For compliance scans, you can allow the service to authenticate to multiple Oracle instances on a single host and port combination.
See Oracle Authentication Setup for information on Oracle account requirements for authenticated scanning.
See Oracle Use Cases for more information on how to configure Oracle records.
The privilege to create authentication records is granted to all Managers automatically. Managers may grant Unit Managers the privilege to create authentication records for hosts in their business unit. This option is set when creating or editing a Unit Manager's account.
1. Select Authentication Records from the left menu, under Tools.
2. Go to New > Oracle Record.
3. In the Title field, enter a descriptive name for this record.
4. On the Login Credentials tab, specify the user name and password to be used for authentication, identify the database instance to authenticate to, and enter the port that the database instance is running on. See Login Credentials for complete details.
5. On the IPs tab, select all hosts that the scanning engine should log into with the specified credentials. See IPs for complete details.
6. (Optional) To perform additional Oracle checks, provide details about your Oracle installation on the Windows and/or Unix tab. See Windows and Unix for complete details. (Note: The Windows tab is only visible when the policy compliance module is enabled for your subscription.)
7. In the Comments field, enter notes about the account, credentials or hosts.
8. Click Save.
After creating an Oracle record, you must enable this feature in your scan options for vulnerability scans. Create or edit an option profile and select the Oracle option under Authentication on the Scan tab. Then apply that profile to vulnerability scan tasks.
Note that Oracle authentication is automatically enabled in compliance profiles for compliance scan tasks.