Session Policies

Session policies allow you define rules based on properties of the session to block, audit and alert on SSH, SFTP, RDP, HTTP/S, TCP and database activity. Additionaly for database sessions you can provide permission, data masking and row/column security.

Policy types:

Does the order of the connection & statement policies matter?

Yes, each policy has a position value and policies are executed from position 0 to position N. Processing stops once a policy matches. You can re-order policies in the grid by dragging them into position.

When a policy matches a row is inserted into the policy execution log.


Before Connection Policy


Details

Triggered : Before any authentication processing

Best for : Blocking unregistered logins or unauthorized use of service accounts.


To add a policy

Click Policies > Connection Policies

Click Before Connection Policy

Fill in these fields on the Rule Settings tab:

FieldDescription
Rule DescriptionA description for the policy
Alert Channel(optional) The alert to trigger
Rule EnabledTrue or false
Rule TypeAllow, Allow & Log, Deny & Deny without log
Rule ClauseAdd rule line(s)

Examples

Click on thumbnail to see example policy


After Connecton Policy


Details

Triggered : After any authentication processing.

Best for : Policies that check a user's assigned roles or existing sessions.


To add a policy

Click Policies > Connection Policies

Click After Connection Policy

Fill in these fields on the Rule Settings tab:

FieldDescription
Rule DescriptionA description for the policy
Alert Channel(optional) The alert to trigger
Rule EnabledTrue or false
Rule TypeAllow, Allow & Log, Deny & Deny without log
Rule ClauseAdd rule line(s)

Examples

Click on thumbnail to see example policy


Statement Policy


Details

Triggered : After any authentication processing & before a database command is analyzed, permission checked & processed.

Best for : Blocking & auditing database activity based on a regex and other patterns that are not handled by permission policies.


To add a policy

Click Policies > Statement Policies

Click Before Execute Policy

Fill in these fields on the Rule Settings tab:

FieldDescription
Rule DescriptionA description for the policy
Alert Channel(optional) The alert to trigger
Rule EnabledTrue or false
Rule TypeAllow, Allow & Log, Deny & Deny without log
Rule ClauseAdd rule line(s)

Examples

Click on thumbnail to see example policy

Edit this page on GitHub Updated at Wed, Mar 13, 2024