Overview
Netskope One DSPM supports scanning Oracle Autonomous Database data stores even on Dedicated Infrastructure. Follow these instructions to setup Oracle Autonomous Database and configure its connection to Netskope One DSPM.
Note for Connecting to OCI Autonomous Database
Please ensure that the Autonomous database is configured to have ‘Mutual TLS (mTLS) authentication’ set to ‘Not required’. The setting can be found under the Network section of Database Information. Without this setting, DSPM will not be able to establish a connection with the Autonomous database.
Create a Netskope One DSPM Service Account
Begin by configuring an OCI database service account which will be dedicated to Netskope One DSPM’s use.
The following steps may require the assistance of your local database administrator.
- As an administrator, log into your Oracle Autonomous Database.
- Create the Netskope One DSPM-specific user by executing the following commands in order:
| Command | Outcome |
|---|---|
|
Creates the Netskope One DSPM-specific user. Substitute netskope_user & netskope_password with your own preferred values. |
|
Permits the Netskope One DSPM-specific user to connect to the OCI database. |
|
Grants the initial necessary Netskope One DSPM-specific user permissions to power capabilities within the Netskope One DSPM platform. |
|
Grants the remaining necessary Netskope One DSPM-specific user permissions. |
Retrieve Connection Information
In addition to authenticating the data store, Netskope One DSPM will require additional information to communicate with your Oracle Autonomous Database. Please follow the steps below to identify the connection values for later use within Netskope One DSPM.
- Log into your OCI Console and navigate to Oracle Autonomous Database instance details page and click on DB Connection button (highlighted in red)
- On the DB Connection page, under Connection strings choose TLS option in the TLS authentication dropdown and copy the connection string against the TNS name with ‘_medium’ suffix (highlighted in red)
Connect Your Data Store
Excerpt: Connect Your Data Store 1
Log into the Netskope One DSPM platform. Navigate to the Data Stores > Data Store Invento
- Log into the Netskope One DSPM platform.
- Navigate to Data Stores → Data Store Inventory.
- Use the Discovered tab, then click the CONNECT button under Actions to connect a discovered data store. You'll immediately see the Credentials tab with some fields automatically populated.
- Alternately, click the CONNECT A DATA STORE button in the upper right to select a data store type and go through the data store connection UI manually.
- The Connect a Data Store modal is displayed, starting with the SELECT DATA STORE tab.
- Click on the icon for the Data Store Type you wish to connect. The modal will auto-navigate you to the next tab.
- On the PROVIDE CREDENTIALS tab, complete the following fields:
| Field | Value |
|---|---|
| Select OCI Account | Select one of the OCI compartments defined within the Infrastructure Section screen. The field will default if there is just one OCI compartment configured. |
| Data Store Identifier | Human-friendly name to describe this Data Store. This value displays in other Netskope One DSPM screens such as Policy Management and Classification Management. |
| Data Store Endpoint | Enter the corresponding values from the Retrieve Connection Information step above. |
| Database Username (if Service Account) | Enter the corresponding value from the Create a Netskope One DSPM Service Account step above. |
| Password (if Service Account) | Enter the corresponding value from the Create a Netskope One DSPM Service Account step above. |
| Scan Frequency | Controls how often your Data Store is reviewed for changes; Netskope One DSPM’s recommended frequency is defaulted, which you can override as needed. |
| Sidecar Pool |
If you will use sidecars to monitor this data store, select a sidecar pool with network visibility to said data store. This field is displayed when there is at least one defined sidecar pool. To learn more, please visit our Sidecar Administration article. |
Excerpt: Connect Your Data Store 2
Click the NEXT button, which will navigate you to the next tab. On the SELECT CAP
- Click the NEXT button. The SELECT CAPABILITIES tab is displayed.
- Complete the following fields:
- Assign a Data Owner (optional): define one or more Platform Users responsible for this Data Store and its data sets.
- Which databases should Netskope One DSPM scan?: utilize the field’s picklist control to select which databases & schemas should be monitored by the Netskope One DSPM application. By default, all databases & schemas are selected.
- Features: Netskope One DSPM’s recommended feature selections will be defaulted, which you can override if desired. Some features are always-on, some are not applicable (with disabled toggles), while others may request additional configurations.
| Capability | Supported for Oracle Base Database |
|---|---|
| Discovery | Yes (always-on) |
| Privilege Analysis | No |
| Shadow Data Analysis | No |
| Classification | Yes |
| Data In Use Monitoring | No |
| Automation | Yes (always-on) |
Excerpt: Connect Your Data Store 3
Click the NEXT button, which will navigate you to the next tab. On the REVIEW tab
- Click the SAVE button, which will navigate you to the next tab.
- On the REVIEW tab, Netskope One DSPM will validate your credentials and capability selections. In the event of any issues, follow the on-screen instructions to remediate the displayed warnings or errors.
- Click the SAVE button to finalize your connection.