Fortinet FortiDB User manual

www.fortinet.com
FortiDB
Version 3.2
Utilities User Guide

December 19, 2008
15-32000-81369-20081219
© Copyright 2008 Fortinet, Inc. All rights reserved. No part of this publication including text, examples,
diagrams or illustrations may be reproduced, transmitted, or translated in any form or by any means,
electronic, mechanical, manual, optical or otherwise, for any purpose, without prior written permission of
Fortinet, Inc.
Trademarks
ABACAS, APSecure, FortiASIC, FortiBIOS, FortiBridge, FortiClient, FortiDB, FortiGate, FortiGuard,
FortiGuard-Antispam, FortiGuard-Antivirus, FortiGuard-Intrusion, FortiGuard-Web, FortiLog,
FortiManager, Fortinet, FortiOS, FortiPartner, FortiProtect, FortiReporter, FortiResponse, FortiShield,
FortiVoIP, and FortiWiFi are trademarks of Fortinet, Inc. in the United States and/or other countries. The
names of actual companies and products mentioned herein may be the trademarks of their respective
owners.

Table of Contents
FortiDB MA Utilities
Auto Discovery
    DB2
    MS-SQL
Connection Summary
Rule Chaining
    Chaining with Parameterized User-Defined Rules
        General PUDR Steps
        PUDR Process
        PUDR Eligible Rules
        Chaining the UBM Policy and PUDR Together
        Alert Behavior
        PUDR Alert Behavior with Multiple SELECT-List Objects in the Violating SQL Statement
Report Manager
    Alert Report Manager
        Setting a Report Schedule
        Reporting by Time
        Enabling Email Recipients
        Specifying Report Parameters
        Activating ARM
        Running and Analyzing Reports
    Custom Reports
        Using This Feature
        Scheduling
        Customer and Company Information
        Report and Template Generation and Management
        Report History
    Licensing and Administration
        Custom Report Properties
    SOX Compliance Reports
        Reports and Acronyms
        Common Report Header Fields
SOX Report Specifics
    History of Privilege Changes Report (HPC)
        COBIT Objectives and Setup Requirements
        Report Body Columns
    Abnormal or Unauthorized Changes to Data Report (AUC)
        COBIT Objectives and Setup Requirements
        Report Body Columns
    Abnormal Use of Service Accounts Report (AUS)
        COBIT Objectives and Setup Requirements
        Report Body Columns
    Abnormal Termination of Database Activity Report (ATD)
        COBIT Objectives and Setup Requirements
        Report Body Columns
    End of Period Adjustments Report (EPA)
        COBIT Objectives and Setup Requirements
        Report Body Columns
        Determining Your Reporting Period
    Verification of Audit Settings Report (VAS)
        COBIT Objectives and Setup Requirements
        Report Body Columns
        Licensing and Administration
Index

FortiDB MA Utilities
FortiDB MA provides several utilities to help you use other modules:
• Auto Discovery to ease the burden of manually setting up database connections
• Connection Summary to show which database connections are Open or are Open and Running
• Rule Chaining to trigger one rule based upon another
• Report Manager for custom, offline reports

Auto Discovery
FortiDB MA provides the ability to search for, and establish connections to,
databases on your network. Rather than manually entering all of the connection
information, you can have FortiDB MA automatically discover it for you.
Figure: Selecting Addresses for Auto-Discovery
In order to use this feature:
1. Select the Database->New menu, and click the Auto Discovery button on the
Create New Database Connection screen. Or you can just select Auto Discovery
from the Main page.
2. Enter an IP address range and specify the RDBMS type you are interested in.
3. By clicking the Edit button next to the desired type of database, you can enter a
range of ports, in case there are databases listening on non-default ports.
4. Click Close to close the Edit Port Range screen.

Figure: Selecting Non-Standard Ports for Auto-Discovery
5. Click the Begin Discovery button.
Figure: Results from Auto-Discovery

Figure: Discovered Database Information Populating Connection Form
The process will automatically return:
• Database Type and version
• IP address (with port if applicable)
• Database name/instance
Once the Auto Discovery list is returned, click the Add button on the
Discovered Database Applications screen to create the database
connections you wish to assess or monitor.
The additional required and recommended fields will need to be completed
manually. (See the FortiDB MA Administration Guide for more information on
setting up connections.)
DB2
Auto Discovery does not return the database name and version for DB2 UDB with
V8 Fix Pack 10.
MS-SQL
It is sometimes necessary to temporarily open another port in your firewall to
make sure the Auto Discovery program communicates with all SQL Server
versions. You should configure the firewall on your target machine so that it allows
UDP packets:

• Destined for port 1434
• Originating from the port whose number is specified in the dss.udpport
property in dssConfig.properties.
Note: FortiDB MA sends a packet to port 1434, which MSSQL uses in order to
return information about itself such as instance name, version, etc. (Even though
this is an MSSQL-specific port number, FortiDB MA uses it for all Auto-Discovery-
related transmissions.)
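
The firewall exception described above can be kept narrow and temporary. The following is an added example, not part of the Fortinet guide or FortiDB itself: it reads dss.udpport from properties text and builds Windows `netsh advfirewall` commands that admit UDP to port 1434 only from one host and one source port, plus the command to remove the rule afterwards. It assumes the target runs Windows Firewall; the sample property value, the second property key, the rule name and the address 192.0.2.10 (standing in for the FortiDB MA machine) are constructed.

```python
import ipaddress

# Constructed sample of dssConfig.properties. Only dss.udpport comes from the
# guide; its value and the other key are made up for this example.
SAMPLE_PROPERTIES = """\
# constructed sample
example.other.setting = 1
dss.udpport=5500
"""

SQL_BROWSER_PORT = 1434  # destination UDP port named in the guide


def read_udp_source_port(text, key="dss.udpport"):
    """Return the port stored under `key` in Java-style properties text."""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":  # blank line or comment
            continue
        for sep in "=:":  # properties files accept either separator
            if sep in line:
                name, value = line.split(sep, 1)
                break
        else:
            continue
        if name.strip() == key:
            port = int(value.strip())
            if not 1 <= port <= 65535:
                raise ValueError(f"{key} out of range: {port}")
            return port
    raise KeyError(f"{key} not set")


def scoped_rules(properties_text, fortidb_ip, name="FortiDB-AutoDiscovery-temp"):
    """Build netsh commands to add, then remove, a narrow inbound UDP rule."""
    src_port = read_udp_source_port(properties_text)
    peer = ipaddress.ip_address(fortidb_ip)  # single host only; rejects ranges
    add = (f'netsh advfirewall firewall add rule name="{name}" dir=in '
           f"action=allow protocol=UDP localport={SQL_BROWSER_PORT} "
           f"remoteport={src_port} remoteip={peer}")
    delete = f'netsh advfirewall firewall delete rule name="{name}"'
    return add, delete


if __name__ == "__main__":
    print(*scoped_rules(SAMPLE_PROPERTIES, "192.0.2.10"), sep="\n")
```

Run the first command on the SQL Server host before discovery and the second once the Auto Discovery list has been returned.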

Connection Summary
The Connection Summary utility allows you to see, by FortiDB MA module and in
one place, a dashboard view of all of your database connections.
Figure: Connection Summary Button
Figure: Connection Summary Output