Deploying the Oracle database and Enforce Server in a two- or three-tier environment

Symantec Data Loss Prevention
supports two- and three-tier deployments on AWS IAAS. See "Oracle database requirements" in the Symantec Data Loss Prevention Help Center for a list of supported Oracle Database software versions.
You estimate sizing requirements to best fit your implementation. See Estimated sizing guidelines for EC2 instances.
Install the Oracle database before you install the Enforce Server.
Steps to deploy the Oracle database and Enforce Server in a two- or three-tier environment
Step
Action
Description
1
Configure the Oracle RDS instance.
Confirm that the Oracle RDS instance meets the following configuration requirements:
  • DB Edition: Standard or Enterprise
  • DB Engine version: See "Oracle database requirements" in the Symantec Data Loss Prevention Help Center for a list of supported Oracle Database software versions
  • DB Instance Class: db.m4.2x large or higher
  • Storage Type: Provisioned IOPS(SSD) 100 GiB or more
  • Master User: “protect” with a complex password of at least 8 characters
  • Public Accessibility: “Yes”, if the Enforce Server is deployed outside of RDS VPC
  • Database name: “protect”
  • Database port: “1521”
  • Character set name: “AL32UTF8”
2
Create the database user and table spaces for the
Symantec Data Loss Prevention
installation.
Complete the following steps:
  1. Connect to Oracle RDS using SQL*Plus use the following syntax:
    sqlplus
    master_user
    /password@fqdn_oracle_rds:
    db_port
    /db_name
    For example, the following command uses
    protect
    for the master_user,
    1521
    for the database port, and
    protect
    for the database name:
    sqlplus protect/password@fqdn_oracle_rds:1521/protect
  2. Run the following command to grant the Master User
    protect
    the required credentials:
    GRANT create session ,alter session ,create synonym ,create view ,create table ,create sequence TO
    protect
    ;
    GRANT create table ,create cluster ,create sequence ,create trigger ,create procedure ,create type ,create indextype ,create operator TO
    protect
    ;
    GRANT create materialized view TO
    protect
    ;
  3. (Optional) Run the SQL script to create a user to manage the database. The user can access the database without using the Oracle RDS Master user.
    sqlplus master_user/password@fqdn_oracle_rds:db_port/ db_name SQL> @oracle_create_user_oracle_rds.sql
  4. Create the required tablespaces by running the following command:
    create smallfile tablespace LOB_TABLESPACE datafile size 32767M autoextend on next 100M maxsize 32767M;
    alter tablespace LOB_TABLESPACE add datafile size 1024M autoextend on next 100M maxsize 32767M;
    alter tablespace LOB_TABLESPACE add datafile size 1024M autoextend on next 100M maxsize 32767M;
3
Install the Enforce Server.
4
Configure secure TLS communication between Enforce Server and Oracle RDS.