At this note; you will find the most important new features in Oracle Database Vault 12c Release 2.First start with Oracle Database Vault Policies.
A new Object type is introduced in Oracle Database Vault 12c Release 2 version. This type is called Oracle Database Vault Policy. With Oracle Database Vault Policies you can group and manage some realms and command rules together. By this way you can change the status of some realms and commands with a one command. As you expect ; when you collect some realms and command rules in a vault policy ; there should be something commons in realms and command rules. It will be nonsense If you put all Realms and Commend Rules into one Vault Policy.
Another enhancement in Database Vault in the new version is the simulation mode. When you put Realms and Command Rules in a simulation mode; SQL commands are not blocked , but violations are logged.
Another change has been made in Privilege Analysis at this version. Now Privilege Analysis captures more privileges. At the same time a new object is created in Privilege Analysis which is called Capture runs. You can create multiple capture runs for one analysis and produce comparisons reports against different capture runs.
As you know; All Oracle 12c Release 2 databases are multi-tenant databases. Therefore new Common Realms and Common Command Rules are introduced in this version.
Common Realms and Common Command Rules can only be created in application root not in CDB root. A Common Command Rule in the application root is applied to all associated PDBs
The last word; Changes have been made added ALTER SESSION, ALTER SYSTEM and CONNECT Command Rules.By this way; you can more preciously define prevention rules on ALTER SESSION, ALTER SYSTEM commands.
Thanks for reading this note.
Y. Anıl Akduygu