Connecting to target databases : Pre-configuration for monitoring target databases : Oracle target database pre-configuration : Monitoring encrypted Oracle traffic
 
Monitoring encrypted Oracle traffic
FortiDB can monitor encrypted Oracle database activity using its TCP/IP sniffer.
To make the database’s SSL configuration compatible with FortiDB DAM, ensure that Advanced Security is enabled and generate the security credentials using Oracle Wallet Manager.
In addition, ensure the cipher suite RSA 3DES_EDE_CBC SHA and one or more of the following cipher suites are enabled in the SSL configuration for the Oracle client:
AES_256_CBC_SHA
AES_128_CBC_SHA
RSA_DES_CBC_SHA
RSA_RC4_128 SHA
RSA RC4_128 MD5
When you configure monitoring using the TCP/IP sniffer, you upload to FortiDB the self-signed certificate that you exported from the Oracle server wallet manager and imported into the wallet manager on the Oracle client machine. Depending on your SSL configuration, the certificate information is stored in PKCS #12 or X.509 format.
See “Configuring monitoring using the TCP/IP sniffer (all database types)”.