Login  
Hello there!

Need Help? We are right here!
miniOrange Support
miniOrange Email Support
success

Thanks for your Enquiry.

If you don't hear from us within 24 hours, please feel free to send a follow-up email to info@xecurify.com

Search Results:

×

Contents

Configure & Manage Database Policies

Database Policies in miniOrange PAM help administrators control and manage access to database resources securely. These policies allow enforcement of session timeouts, MFA, activity recording, and access permissions to enhance security and compliance.

This guide walks you through the steps to configure database policies, set security controls, and define access management rules.


Glossary:

Database Policy: A security rule set that governs access and actions on database applications.
Session Timeout: The duration before an idle session is automatically terminated.
Audit Events: Tracks all executed commands and actions for auditing purposes.
Recorded Sessions: Logs user activity for later review.
Live Stream: Enables real-time monitoring of user actions.
Enforce MFA: Requires multi-factor authentication for added security.
Transaction Control: Determines whether commands are executed in a transactional manner.

How to Manage Database Policies:

Follow these steps to add and manage database policies effectively.

Accessing the Database Policies Section:

  • Open the miniOrange PAM dashboard.
  • Navigate to the Policies section in the left-side menu.
  • Click on Database Policy to access the policy dashboard.

    • How To Manage Database Policies

Adding a Database Policy:

To add a setup new Database Policy:

  • Click + Add Web App in the database policy dashboard.
  • A pop-up window appears with two configuration tabs:
  • General
  • Advanced

General Settings:

  • Database App: Select the target database from the dropdown.
  • Policy Name: Enter a descriptive policy name.
  • Session Timeout: Define the idle session timeout in minutes.
  • Enable Security Features(Checkbox options):
    • Audit Events: Tracks all actions for security and compliance.
    • Record Sessions: Records all user activities for later review.
    • Live Stream: Allows real-time monitoring of database sessions.
    • Enforce MFA: Adds an extra layer of authentication security.

      • To Add a Setup New Database Policy General


Advanced Settings:

  • Transaction Control:

    • Determines whether database commands should be executed as part of a transaction.

    • Commands: Specify which database commands (DELETE, UPDATE, INSERT) should be controlled.
    • Password Field: Enter the password field identifier.
    • Auto Commit Conditions: Define when commands should be auto-committed.
  • App Access Action:

    • Defines user access levels to database applications. The available options include:

    • ALLOW: Grants direct access to the database.
    • ELEVATED_REQUEST: Allows users to request elevated access.
    • REQUEST: Requires admin approval for access.
    • BLOCK: Restricts user access completely.
  • Default Resource Action:

    • Specifies how commands are handled when no matching policy is found. The available options include:

    • ALLOW: Allows the command execution.
    • DENY: Blocks the command execution.
  • Command Control:

    • Configure allowed (whitelist) or restricted (blacklist) database commands.

    • WHITELIST: Only the specified commands are allowed.
    • BLACKLIST: The specified commands are blocked.

      • To Add a Setup New Database Policy Advance

    📝Note: Command Entry: Enter commands in the text box, separated by a colon (:).

    Once all settings are configured, click Add to save the policy.

Database Policy Table Overview:

Once database policies are added, they appear in the Database Policy table with the following details:

  • Search Bar & Actions:
    • Search Bar: Quickly find specific policies.
    • Delete Button: Remove selected policies.
    • Apply Button: Apply changes to selected policies.
  • Table Overview:
    • Checkbox: Select policies for bulk actions.
    • Policy ID: Unique identifier for each policy.
    • Policy Name:The assigned name of the policy.
    • App: The database application associated with the policy.
    • Session Timeout: Duration before an idle session is terminated.
    • Audit Events: Indicates if audit logging is enabled (True/False).
    • Enforce MFA: Specifies if multi-factor authentication is enforced (True/False).
    • Live Stream: Displays whether real-time monitoring is enabled (True/False).
    • Recorded Sessions: Shows if user activity recording is active (True/False).

    Database Policy Table Overview


Frequently Asked Questions (FAQs)


Can I edit a database policy after adding it?

Yes, navigate to Database Policy, locate the policy, and modify settings.

What happens if I delete a database policy?

Deleting a policy removes all associated security configurations.

How does session timeout work?

If a session remains idle beyond the specified duration, it is automatically terminated.

What is the difference between whitelisting and blacklisting commands?

Whitelisting allows only specific commands, while blacklisting blocks them.

Can I enable both session recording and live streaming?

Yes, both can be enabled for enhanced monitoring.