Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Microsoft Access wikipedia , lookup
Extensible Storage Engine wikipedia , lookup
Oracle Database wikipedia , lookup
Open Database Connectivity wikipedia , lookup
Relational model wikipedia , lookup
Concurrency control wikipedia , lookup
Team Foundation Server wikipedia , lookup
Microsoft Jet Database Engine wikipedia , lookup
Ingres (database) wikipedia , lookup
Database model wikipedia , lookup
Microsoft SQL Server wikipedia , lookup
GreenSQL 3.2.3 Installation Guide GreenSQL 3.2.3 Installation Guide © Copyright GreenSQL Ltd.. 2007 – 2015. All rights reserved. GreenSQL Ltd. (GreenSQL) reserves the right to make corrections, modifications, enhancements, improvements, and other changes to its products and services at any time and to discontinue any product or service without notice. Customers should obtain the latest relevant information before placing orders and should verify that such information is current and complete. All products are sold subject to GreenSQL's terms and conditions of sale supplied at the time of order acknowledgment. GreenSQL warrants performance of its products to the specifications applicable at the time of sale in accordance with GreenSQL's standard warranty. Testing and other quality control techniques are used to the extent GreenSQL deems necessary to support this warranty. Except where mandated by government requirements, testing of all parameters of each product is not necessarily performed. GreenSQL assumes no liability for third-party applications assistance. Customers are responsible for their products and applications using GreenSQL components. To minimize the risks associated with customer products and applications, customers should provide adequate design and operating safeguards. GreenSQL does not warrant or represent that any license, either express or implied, is granted under any GreenSQL patent right, copyright or other GreenSQL intellectual property right relating to any combination, machine, or process in which GreenSQL products or services are used. Information published by GreenSQL regarding third-party products or services does not constitute a license from GreenSQL to use such products or services or a warranty or endorsement thereof. Use of such information may require a license from a third party under the patents or other intellectual property of the third party, or a license from GreenSQL under the patents or other intellectual property of GreenSQL. Resale of GreenSQL products or services with statements different from or beyond the parameters stated by GreenSQL for that product or service voids all express and any implied warranties for the associated GreenSQL product or service and is an unfair and deceptive business practice. GreenSQL is not responsible or liable for any such statements. All company and brand products and service names are trademarks or registered trademarks of their respective holders. All text and figures included in this publication are the exclusive property of GreenSQL Ltd. (GreenSQL), and may not be copied, reproduced, or used in any way without the express written permission of GreenSQL. Information in this document is subject to change without notice and does not represent a commitment on the part of GreenSQL. Although the information in this document has been carefully reviewed, GreenSQL does not warrant it to be free of errors or omissions. GreenSQL reserves the right to make corrections, updates, revisions or changes to the information in this document. GreenSQL Ltd. 21 Bar Cochva Street Bnei Berak 5126018 Israel Tel: +972-3-688-8090 Fax: +972-3-760-1166 www.greensql.com 2 GreenSQL 3.2.3 Installation Guide Contents 1 INTRODUCING GREENSQL .....................................................................................................................4 2 SYSTEM REQUIREMENTS .......................................................................................................................5 2.1 Operating Systems.............................................................................................................. 5 2.2 Minimum Memory and Hard Disk Space.............................................................................. 5 2.3 Supported Browsers ........................................................................................................... 5 2.4 Support LDAP/Kerberos ...................................................................................................... 5 2.5 Supported Database Servers ............................................................................................... 5 3 CHOOSING AN INSTALLATION METHOD ..........................................................................................5 3.1 Installing GreenSQL on an Application Server ...................................................................... 6 3.2 Installing GreenSQL on a Physical or Virtual Dedicated Server .............................................. 6 3.3 Installing GreenSQL on the Database Server ........................................................................ 6 3.4 Running GreenSQL on Commercial Hypervisors ................................................................... 6 4 INSTALLING GREENSQL ON A WINDOWS SERVER ........................................................................7 4.1 Before You Begin ................................................................................................................ 7 4.2 Installing GreenSQL on a Windows Server ........................................................................... 7 4.2.1 Installing GreenSQL on a Windows Server (Clean Install) ......................................................7 4.2.2 Upgrading to a Newer Version of GreenSQL .........................................................................8 4.2.3 Reinstalling GreenSQL ............................................................................................................8 5 INSTALLING GREENSQL ON A LINUX SERVER .................................................................................9 5.1 Before You Begin ................................................................................................................ 9 5.2 Installing GreenSQL on a Linux Server ................................................................................. 9 5.2.1 Installing GreenSQL on a Linux server (Clean Install).............................................................9 5.2.2 Upgrading to a Newer Version of GreenSQL .........................................................................9 5.2.3 Reinstalling GreenSQL ......................................................................................................... 10 6 ACTIVATING AND CONFIGURING GREENSQL ............................................................................... 11 7 UNINSTALLING GREENSQL ................................................................................................................. 14 7.1 Uninstalling GreenSQL from Windows Servers................................................................... 14 7.2 Uninstalling GreenSQL from Linux Servers ......................................................................... 15 3 GreenSQL 3.2.3 Installation Guide Introducing GreenSQL 1 Introducing GreenSQL GreenSQL, a Unified Database Security solution, is installed as a front-end to databases and fully camouflages and secures the databases. GreenSQL works as a SQL reverse proxy and provides several database security features including automated learning mode, a database rule-based firewall, database auditing, database intrusion detection and prevention, and dynamic data masking. 4 GreenSQL 3.2.3 Installation Guide System Requirements 2 System Requirements 2.1 Operating Systems GreenSQL can run on the following 64 bit operating systems: • • Windows® Server 2008/2008 R2/2012/2012 R2 Linux distributions – Redhat, Centos, Ubuntu, Debian, openSUSE 2.2 Minimum Memory and Hard Disk Space The following minimum system requirements must be met: • • • CPU: minimum of 4 cores RAM: 4 GB (8 GB recommended) Disk space: 20 GB available for installation Auditing information and logging may require more space depending on configured policies. 2.3 Database Servers GreenSQL supports the following databases: • • • • Microsoft SQL Server - Microsoft SQL Server 2005 and above Microsoft Azure - SQL Database MySQL - MySQL 5.1 and above Amazon RDS - MySQL, SQL Server and MariaDB NOTE GreenSQL is agnostic to the operating system on which your databases are running. 2.4 LDAP/Kerberos GreenSQL supports LDAP/Kerberos for Windows® operating systems. For Linux support, contact GreenSQL Ltd. support. 2.5 Clouds GreenSQL supports the following clouds: • • • Amazon EC2 Microsoft Azure Google Cloud Platform 2.6 Browsers GreenSQL management runs on the following browsers: • • • Microsoft Internet Explorer 8 and above Firefox 6.5 and above Google Chrome 5 GreenSQL 3.2.3 Installation Guide Choosing an Installation Method 3 Choosing an Installation Method You can install GreenSQL in the following configurations and architectures: • • • • application server dedicated server (physical or virtual) database server commercial hypervisor GreenSQL cannot be installed on a network-mounted device. This section provides an overview of the different types of installation options and describes the advantages and highlights of each. Due to permission issues in the Active Directory (Domain Controller), if the database and application are installed on the same server, then GreenSQL must also be installed on that server. 3.1 Installing GreenSQL on an Application Server Installing GreenSQL on an application server provides the following advantages: • • security policies can be enforced before the SQLs leave the application server. This is preferable when the application server is located in a remote site or branch. the operating system of the database server is protected by preventing direct access to the Database management system. When installing GreenSQL on the application server, it is recommended to install another instance of GreenSQL on a dedicated server in order to prevent unauthorized access from the remote application server containing GreenSQL to the Database, in the event that the application server has been compromised. 3.2 Installing GreenSQL on a Physical or Virtual Dedicated Server This configuration provides the best performance for the GreenSQL solution by: • • • providing full protection of the Operating System and Management System of the Database. camouflaging the database server. The IP address of the database will not be accessible. GreenSQL can be installed behind a firewall, for example in a DMZ. providing a front-end to your databases, to which all applications, developers, and IT personnel can connect. 3.3 Installing GreenSQL on the Database Server Install GreenSQL on the Database server when the Database and application are located on the same server and it is difficult to find another server on which to install GreenSQL. You can also install GreenSQL on the database server when the Database is located outside of the local network perimeter. 3.4 Running GreenSQL on Commercial Hypervisors GreenSQL is also available as a virtual appliance that can be run on any commercial hypervisor. For more details, contact GreenSQL support at www.greensql.com/support. 6 GreenSQL 3.2.3 Installation Guide Installing GreenSQL on a Windows Server 4 Installing GreenSQL on a Windows Server The following sections describe how to install GreenSQL on all types of Windows servers. You will be asked to provide a PCI-compliant strong password the first time you log on. Only English characters and special characters (<>@!#$%^*()_+[]{}?:;|'\"\\,./~`-=) are allowed in the password. 4.1 • • • • • Before You Begin If an installation prior to version 3.1.7 is already installed, you will need to uninstall it before installing the new software release. After you have completed the uninstall procedure, start the installation process again. If the GreenSQL version is 3.1.7 or later, perform an upgrade procedure as described in Section 4.2.2 below. GreenSQL installation requires Administrator privileges on Windows servers. Download the GreenSQL application from the GreenSQL website (www.greensql.com). After the download has completed, an email with the license key will be sent to you. 4.2 Installing GreenSQL on a Windows Server This section describes how to install GreenSQL on a Windows server. Follow the instructions of the scenario that describes your current system status. 4.2.1 Installing GreenSQL on a Windows Server (Clean Install) 1. Double-click on the installation file (GreenSQL_X.X.X.XXXXX.exe). 2. To accept the terms of the agreement, click I Agree in the License Agreement window. 3. In the Choose Install Location window, in the Destination Folder box, enter where you want to install GreenSQL, and click Install. 7 GreenSQL 3.2.3 Installation Guide Installing GreenSQL on a Windows Server 4. In the Installation Complete window click Close. 5. Continue to Section 6. 4.2.2 Upgrading to a Newer Version of GreenSQL When upgrading to a new version of GreenSQL, the current configuration settings, logs, and database will not be changed. 1. Stop the GreenSQL service. 2. Double-click on the installation file (GreenSQL_X.X.X.XXXXX.exe). The following message is displayed. Click Yes to continue. 3. Perform steps 2 - 5 in Section 4.2.1. 4.2.3 Reinstalling GreenSQL To reset the configuration files, log files, and database files to factory settings, you can reinstall the same version of the software. 1. Double-click on the installation file (GreenSQL_X.X.X.XXXXX.exe). The following message is displayed. Click Yes to continue. 2. Perform steps 2 - 5 in Section 4.2.1. 8 GreenSQL 3.2.3 Installation Guide Installing GreenSQL on a Linux Server 5 Installing GreenSQL on a Linux Server The following sections describe how to install GreenSQL on a Linux server. You will be asked to provide a PCI-compliant strong password the first time you log on. Only English characters and special characters (<>@!#$%^*()_+[]{}?:;|'\"\\,./~`-=) are allowed in the password. 5.1 • • • • • • Before You Begin If an installation prior to version 3.1.7 is already installed, you will need to uninstall it before installing the new software release. After you have completed the uninstall procedure, start the installation process again. If the GreenSQL version is 3.1.7 or later, perform an upgrade procedure as described in Section 5.2.2 below, followed by the reinstall procedure , as described in Section 5.2.3 below. The GreenSQL installation requires superuser privileges on Linux servers. Download the GreenSQL application from the GreenSQL website (www.greensql.com). After the application is downloaded, you will receive an email containing the license key. Make sure that you have enough disk space under the /tmp folder (at least 0.5 GB) before you begin. 5.2 Installing GreenSQL on a Linux Server This section describes how to install GreenSQL on a Linux server. Follow the instructions of the scenario that describes your current system status. 5.2.1 1. Installing GreenSQL on a Linux server (Clean Install) Run the installation file as follows: # sh greensql_X.X.X.XXXXX.bin On some machines, use: # bash greensql_X.X.X.XXXXX.bin 5.2.2 Upgrading to a Newer Version of GreenSQL When upgrading to a new version of GreenSQL the current configuration settings, logs, and database will not be changed. 1. Stop the GreenSQL service. 2. From the shell (as superuser or using "sudo"), type one of the following commands: service greensql stop /etc/init.d/greensql stop 3. Run the installation file as follows: ]# sh greensql_X.X.X.XXXXX.bin On some machines, use: ]# bash greensql_X.X.X.XXXXX.bin 4. Type Y in the displayed message to continue. 5. Read and approve the license agreement. 9 GreenSQL 3.2.3 Installation Guide Installing GreenSQL on a Linux Server 5.2.3 Reinstalling GreenSQL To reset the configuration files, log files, and database files to factory settings, you can reinstall the same version of the software. 1. Run the installation file as follows: ]# sh greensql_X.X.X.XXXXX.bin On some machines, use: ]# bash greensql_X.X.X.XXXXX.bin 2. Type Y in the displayed message to start the installation. 3. Read and approve the license agreement. 10 GreenSQL 3.2.3 Installation Guide Activating and Configuring GreenSQL 6 Activating and Configuring GreenSQL 1. The first time you launch GreenSQL, use the following address: https://<address of GreenSQL>:5000 2. Since GreenSQL is a database security product, using an encrypted and secured connection, the first time you install GreenSQL, you will be prompted to accept the SSL certificate. Depending on the type of browser you are using, you will be displayed one of the following pages: 3. Accept the SSL Certificate, then click Start GreenSQL Securely. 4. In the Product Activation window, enter your product key activation and click Continue. 5. You will be asked to set up an initial password for GreenSQL’s administrator account (admin). Make sure to enter a strong PCI-compliant password. Only English characters special characters (<>@!#$%^*()_+[]{}?:;|'\"\\,./~`-=) are allowed in the password. Click Change Password. 6. If you are configuring a proxy-based system, in the Connect to Database window, set up the connection proxy and configure the system, as follows: a. Under Database Instance, configure the following parameters: Connection Name The logical name of the database instance connection. Database Type The database vendor type (taken from a list of supported databases). Host/IP Host name or IP address of the database instance. Instance (optional) The name of the database instance to connect to. This option is only available for the MS-SQL database type. When this option is available, you can choose to configure either the Instance or Port parameters. 11 GreenSQL 3.2.3 Installation Guide Activating and Configuring GreenSQL b. c. Port The port used to connect to the instance. Connect To Database The default database, within the database instance, to which GreenSQL will automatically connect. Under Instance Logon Credentials, configure the following parameters (these parameters are mandatory): User Name User name used to log on to database instance. Password Password used to log on to database instance. Under GreenSQL Proxy, configure the following parameters: Proxy Name A logical name representing the proxy. This name is used when creating a database and policies and logically attaching the proxy to the database. Host/IP The Host name or IP address of any GreenSQL server network interface cards (NICs) that are exposed to the clients. NOTE 0.0.0.0 will open the proxy port to traffic on any Network Interface Card. 7. Port The port on the proxy server through which clients connect to the proxy (relays communications to the database). Use Defaults Select if you want GreenSQL to automatically fill in the Proxy information. d. Click Check Connection. You must check the connection. If you don’t check the connection you will not be able to connect to the database. e. Click Continue. In the Secure your applications with GreenSQL window, click Finish. 12 GreenSQL 3.2.3 Installation Guide Activating and Configuring GreenSQL 8. Change the connection strings in your applications according to the parameters you configured for GreenSQL. If you configured GreenSQL Proxy to listen on 0.0.0.0 (all interfaces), or with a host name and the port number, GreenSQL will display a list of IP addresses as shown below: 13 GreenSQL 3.2.3 Installation Guide Uninstalling GreenSQL 7 Uninstalling GreenSQL 7.1 Uninstalling GreenSQL from Windows Servers NOTE •You will require administrative privileges to uninstall GreenSQL. •It is recommended that you first back up the GreenSQL configuration settings by clicking System > Backup & Restore > Backup. To uninstall GreenSQL from a Windows server 1. Use the Uninstall or Windows Control Panel > Programs and Features to remove the GreenSQL installation. Click Uninstall. 2. You will be asked whether you want to proceed and uninstall GreenSQL. Do one of the following: 3. If you choose to continue and uninstall GreenSQL, you will be whether you want to delete the GreenSQL log files. Do one of the following: 4. Click No or Cancel to cancel the uninstall procedure. Click Yes to uninstall GreenSQL. Click Yes to delete the GreenSQL log files. Click No leave the GreenSQL log files intact. If you decide not to delete the GreenSQL files, the remaining log files are displayed in the Log window. 14 GreenSQL 3.2.3 Installation Guide Uninstalling GreenSQL 7.2 Uninstalling GreenSQL from Linux Servers NOTE Uninstalling GreenSQL requires root permissions. To uninstall GreenSQL from a Linux server 1. Run the uninstall file as follows: ]# sh greensql_X.X.X.XXXXX.bin –uninstall On some machines, use: ]# bash greensql_X.X.X.XXXXX.bin --uninstall 2. When prompted, type Y to continue uninstalling GreenSQL or N to abort. 3. When prompted if you want to keep your log file: Type Y, if you want to keep it. Type N, if you want to delete it. 15