Beruflich Dokumente
Kultur Dokumente
1
Release Notes
FortiDB 5.1 Release Notes July 31, 2013 Revision 2 Copyright 2012 Fortinet, Inc. All rights reserved. Fortinet, FortiGate, and FortiGuard are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be trademarks of Fortinet. All other product or company names may be trademarks of their respective owners. Performance metrics contained herein were attained in internal lab tests under ideal conditions, and performance may vary. Network variables, different network environments and other conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract, signed by Fortinets General Counsel, with a purchaser that expressly warrants that the identified product will perform according to the performance metrics herein. For absolute clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinets internal lab tests. Fortinet disclaims in full any guarantees. Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without notice, and the most current version of the publication shall be applicable.
Technical Documentation Knowledge Base Forums Customer Service & Support Training Services FortiGuard Document Feedback
Table of contents
Change log ....................................................................................................... 4 Introduction ...................................................................................................... 5
Enhancements .......................................................................................................... 5
Troubleshooting ............................................................................................. 12
Monitoring and Auditing Log ............................................................................. 12
Change log
Date 7/18/13 7/31/13 Change Description Initial release Update to build number
Introduction
This document provides installation instructions and caveats, resolved issues, and known issues for FortiDB 5.1, build 0004. FortiDB provides a database security platform which encompasses Database and Data Discovery, Vulnerability Management, Database Activity Monitoring and Audit, Intrusion Prevention and Compliance Reporting. For additional documentation, please visit: http://docs.fortinet.com/fdb.html
Enhancements
Support for FortiDB-3000D appliance The new FortiDB-3000D is now available replacing the FortiDB-2000B. The FortiDB-3000D is a stronger, faster platform supporting up to 90 databases.
Special Notices
General
Monitor Settings for Web User Interface Access - Fortinet recommends setting your monitor to a screen resolution of 1280x1024. This allows all objects in the Web UI to be viewed properly The following web browsers are supported to properly display the FortiDB GUI: Application FortiDB 5.0 Supported Web Browser Internet Explorer 7.x, 8.x, 9.x Firefox 4.x/5.0
Supported Platforms
Windows 2003 32-bit, 64-bit Window XP Linux RH4 64-bit, RH5 64-bit Solaris
Application VA
Oracle
MS SQL Server
Sybase
DB2 UDB
MySQL
Microsoft SQL
Server 2000
6
Sybase ASE
12.5
Microsoft SQL
Server 2005
Sybase ASE
15.0.2
Microsoft SQL
Server 2008
Sybase ASE
15.5
Oracle 11gR2
Microsoft SQL
Server 2008R2
Sybase ASE
15.7
Microsoft SQL
Server 2012 DAM
Microsoft SQL
Server 2000 SP2
Sybase ASE
12.5 (Sniffer only)
DB2 UDB
V9.5
MySQL 5.1
(not supported with sniffer)
DB2 UDB
V9.7
Microsoft SQL
Server 2005 SP2
Sybase ASE
15.0.2
Oracle 11gR2
MySQL 5.5
(not supported with sniffer)
Sybase ASE
15.5
Microsoft SQL
Server 2008 SP2
Sybase ASE
15.7 (MDA only)
Microsoft SQL
Server 2008R2
Microsoft SQL
Server 2012
Target DB Oracle
FortiDB Collection methods DB, EXTENDED. Agent is not required. XML File Agent. FortiDB agent is required. Please see Running the Oracle XML File Agent (UNIX, Windows) in online help. SGA Agent. FortiDB agent is required. Please see Running the Oracle SGA Agent (Solaris) in online help.
FortiDB 5.1 Release Notes
TCP/IP Sniffer SQL Trace. Agent is not required. For SQL 2000, make sure the following commands are issued before starting monitoring: USE master GO EXEC sp_configure 'show advanced options', 1 GO RECONFIGURE WITH OVERRIDE GO EXEC sp_configure 'xp_cmdshell', 1 GO RECONFIGURE WITH OVERRIDE GO EXEC sp_configure 'show advanced options', 0 GO TCP/IP Sniffer DB2 Agent. FortiDB agent is required. Please see Running the DB2 Agent on Windows and Running the DB2 Agent on UNIX in online help. TCP/IP Sniffer MDA. Agent is not required. TCP/IP Sniffer General Query Log
SPAN/mirror port Sybase MDA SPAN/mirror port MySQL General Query Log
By default, the encoding that is used is UTF-8. In general, any encoding supported by the Java VM is supported by FortiDB, but for exporting PDF reports, the specified encoding (entered in step 2 previously) must map to a supported PDF font. The following encodings are supported by FortiDB for exporting PDF data: Locale Japanese Supported Encodings Shift_JIS SJIS EUC-JP EUC_JP x-EUC-JP-LINUX EUC_JP_LINUX ISO-2022-JP ISO2022JP windows-31j MS932 Cp930 Cp939 Cp942 Cp943 Cp33722
9 FortiDB 5.1 Release Notes
Chinese
Korean
Others
x-mswin-936, MS936 GB18030 x-EUC-CN EUC_CN GBK x-windows-950 MS950 x-MS950-HKSCS MS950_HKSCS x-EUC-TW EUC_TW Big5 Big5-HKSCS Cp935 Cp937 Cp948 Cp950 Cp964 ISO2022_CN_CNS ISO2022_CN_GB x-windows-949 MS949 EUC-KR ISO-2022-KR ISO2022KR UTF-8
Please visit http://java.sun.com/javase/6/docs/technotes/guides/intl/encoding.doc.html for additional information about encodings supported by the Java virtual machine.
10
Upgrade instructions
Upgrade from previous versions
Upgrade supported from previous official 4.x releases. Upgrade from 3.x versions is not supported
11
Troubleshooting
Monitoring and Auditing Log
During the Monitoring and Auditing life-cycle, FortiDB may encounter issues in the target database system which alter the way in which that target is monitored (in Native Audit collection method only), or even prevent that target from being monitored. The table below lists the problems that FortiDB may encounter and the log message that will be generated.
Severities
INFORMATIONAL used to describe the general monitoring state (started, reconfigured, stopped). All descriptions notify users of a successfully executed task. CAUTIONARY used to describe issues that users should be aware of, but do not impact the monitoring operation MINOR used to describe configuration issues that impact how monitoring is done, but does not impact the overall monitoring action on a target. Typically, minor errors describe configuration issues, such as the specification of non-existing objects or users in policies, which FortiDB can skip over. MAJOR used to describe changes in the target database that is being monitored. Users should be aware of these changes, and they may need to act on them to adjust how monitoring is done, or they may need to address this issue on the target database. Usually, these errors describe objects being modified or users being deleted from the target database that impact certain policies that are being used for monitoring CRITICAL used to describe errors that prevent FortiDB from monitoring the target database.
Error Types
CONFIGURATION Any issue that occurs when configuring a target with the associated policies. These log entries occur with specific policies (in which case a policy-name is logged), or it may be a general error (in which case n/a is logged for the Policy Name field). PERMISSION Issues having to do with insufficient permissions of the target user. OBJECT_CHANGE When objects are changed on the target database after monitoring has started USER_CHANGE When users are changed on the target database after monitoring has started.
12
Configuration Messages
Message 1 The user <USER> does not exist on <TARGET> Type CONFIGURATION Severity MINOR Description This is a policy-specific error, which signals that a certain user that was specified in the policy does not exist on the target database. This user entry will be skipped when configuring the policy. If all the user entries are skipped, then the policy itself will not be used to monitor the target. This is a policy-specific error, which signals that a certain table that was specified in the policy does not exist on the target database. This object entry will be skipped when configuring the target. . If all the table entries are skipped, then the policy itself will not be used to monitor the target. An unexpected exception was thrown when attempting to configure a target with a specific policy. The error message is the actual exception message. When initializing the Sybase collector, there were insufficient permissions with the FortiDB target user which prevented FortiDB from doing JDBC queries against the target database. No policies were enabled for the target, or if enabled, no objects or users in the policies were configurable for that target.
FortiDB 5.1 Release Notes
The object <DB.SCHEMA.TABLE> does not exist on <TARGET> and will not be monitored on this target.
CONFIGURATION
MINOR
CONFIGURATION
CRITICAL
PERMISSION
CRITICAL
CONFIGURATION
CRITICAL
13
CONFIGURATION
INFORMATIONAL
The Start Monitoring operation was successfully executed on the target. The Stop Monitoring operation was successfully executed on the target. The Reconfigure operation was successfully executed on the target, and the collection state is now consistent with changes made in the UI. A configured object has been removed from the target. Note that this error is only logged when FortiDB is doing target checks at the scheduled times (which can be configured in the Log view). A configured user has been removed from the target. Note that this error is only logged when FortiDB is doing target checks at the scheduled times (which can be configured in the Error Log view). Valid for Oracle DB, EXTENDED. Reports that the queryto get the audit data from the target is taking more than 10 seconds. This typically occurs when sys.aud$ table.has more than 2 million records. It can be a result of an intermittent network delay.
CONFIGURATION
INFORMATIONAL
CONFIGURATION
INFORMATIONAL
OBJECT_CHANGE
MAJOR
10
USER_CHANGE
MAJOR
11
Excessive Time :<time> seconds to execute audit data query. The audit table for: <targetname> should be truncated.
COLLECTION
MAJOR
14
Resolved issues
The resolved issues listed below do not list every bug that has been corrected with this release. For inquires about a particular bug, please contact Fortinet Customer Service & Support. Table 1: Resolved issues Bug ID Description
15
Known issues
This section lists the known issues of this release, but is not a complete list. For inquires about a particular bug, please contact Fortinet Customer Service & Support. Table 2: Known issues Bug ID 0205469 0192079 0205312 0204071 0205309 0205307 0204375 Description Generate Policy: can't support MSSQL using sniffer based data collection There is an error when importing DAM policies Cannot enable or disable specific policies SOX Report: Wrong filters after exact steps Internal error when importing a policy with an invalid attribute SOX report Verification of Audit Settings has no data in sniffer mode Generate Policy: the value is incorrect in the generated user policy for MSSQL PCI Policy: cant use db user for MSSQL Generate Policy: Does not work for DB2 The return code is incorrect in the details of the alerts
16
Image checksums
To verify the integrity of the firmware file, use a checksum tool and compute the firmware files MD5 checksum. Compare it with the checksum indicated by Fortinet. If the checksums match, the file is intact. MD5 checksums for Fortinet software and firmware releases are available from Fortinet Customer Service & Support. After logging in to the web site, go to Download > Firmware Image Checksums. In the File Name field, enter the firmware image file name including its extension, then click Get Checksum Code.
17