Oracle EM Cloud Control 12c and Compliance Management

By Michael New, Edward Whalen, Matthew Burke on October 30, 2015


Oracle Enterprise Manager Cloud Control Compliance Management has two separate pieces: monitoring of compliance to business best practices and monitoring of real-time configuration changes. Monitoring of compliance to business best practices is a process where the system is regularly analyzed and deviations from compliance to business best practices are reported. This allows for decisions to be made and issues remediated. Real-time monitoring allows for immediate reporting of changes to the system that might be problematic.

Compliance and Best Practices

Compliance to business best practices is an important job of the IT staff. Oracle Enterprise Manager Cloud Control provides the ability to determine if the targets are adhering to business best practices by determining if targets and systems have valid configuration settings and whether there are vulnerabilities. In addition, Cloud Control will advise how to bring these systems into compliance.
Accessing the compliance features of OEM Cloud Control is done using the Enterprise menu. Select Compliance | Results, Compliance | Library, or Compliance | Real Time Observations from the Enterprise Menu.
If you select Compliance | Results from the Enterprise menu, you will see the Compliance Results page. From this page you will see a summary of the Compliance Standards being evaluated and a summary of the compliance results showing both Target Evaluations and Violations. Highlight the compliance standard and click the Show Results button to show the compliance results details and Security Recommendations for Oracle Products as shown in Figure 1.
fig12-39
FIGURE 1.   Security Recommendations for Oracle Products screen
Here you will see security violations. By clicking the Target Compliance tab, you will see compliance violations based on host targets. To determine the specific compliance violations, you can browse to that specific target and drill down into the compliance violation or security recommendations.

Real-Time Configuration Monitoring

In order to view real-time compliance standards and best practices, select Compliance | Real-time Observations from the Enterprise menu. This will bring up the Real-time Observations utility. From here you can browse observations by compliance frameworks, browse observations by system targets, or search observations. By selecting the hyperlinks you can browse the observations that are discovered in real time. This provides the ability to perform regular audits and determine the real-time state of the systems.

Related Posts

Leave a Reply