The service can authenticate to one or more Oracle instances on a single host. When there are multiple Oracle instances, you create a separate authentication record for each instance. In the authentication record, supply a user name and password, the Oracle System ID (SID) for the database you want to authenticate to and the port the SID is on.
Using the specified credentials, the scanning engine is able to authenticate to Oracle databases at the time of the scan in order to gather additional system information and perform more in-depth vulnerability analysis.
It is strongly recommended that you create one or more dedicated user accounts to be used solely by the scanning engine to authenticate to Oracle databases.
• Authenticate to multiple Oracle instances on a single host.
• Report authentication status for each Host/Port combination.
• Gather Oracle compliance data at the operating system level (Windows and Unix)
• Authenticate to an Oracle Listener in order to enumerate a list of databases behind the Listener. This information is useful if you want to create Oracle authentication records and don't know the Oracle System IDs (SIDs). To learn more, see Oracle Listener Authentication.
For vulnerability scanning, Oracle authentication is supported for Oracle Database Versions 8, 9, 10 and 11.
For compliance scanning, refer to the supported technologies list to identify the specific Oracle versions that are currently supported for policy compliance. The list of supported technologies is updated on a regular basis. Go to Controls under Tools, and then click Search. The Search pop-up window includes a list of supported technologies.
The service provides a collection of scripts for successfully setting up Oracle trusted scanning for vulnerability scans and compliance scans. The scripts guide you through creating a user account with required privileges for authenticated scanning. Scripts and step-by-step instructions are described in the following documents:
Oracle Trusted Scanning: Setup for Vulnerability Scans
Oracle Trusted Scanning: Setup for Compliance Scans
Both documents are available for download from the Tips & Techniques section on the Resources page (Help > Resources).
Once you've defined a user account to be used for authentication, it's time to add an Oracle authentication record. See Creating Oracle Records for instructions.