Jump to: navigation, search

Database Secure Deployment

This page describes secure deployment for MS SQL 2008 and Oracle 11g databases.

For MS SQL Server 2008 secure deployment, Genesys recommends using MS SQL Server Transparent Data Encryption (TDE) which performs a real-time I/O encryption and decryption of the data and log files. This method has only a minor impact on performance, which is critical for the Advisors Suite.

It is important to mention that TDE is available only for MS SQL Server Enterprise edition. The data cannot be encrypted using TDE if any other MS SQL Server edition is used.

Advisors Suite MS SQL databases do not have any properties that can prevent the application of TDE. The databases do not contain any READ-ONLY file groups, full text indexes, or filestreams. Users must follow the standard Microsoft documentation related to this topic.

The Advisors Suite does not support MS SQL Server cell-level encryption.

Oracle 11g offers:

  • Transparent Database Encryption (TDE) introduced in Oracle 10g, which allows the encryption of individual column content on the data file level.
  • Tablespace encryption introduced in Oracle 11g, which allows the encryption of the entire content of a tablespace.

To verify that databases are secured with TDE encryption, do the following:

  1. Run the following query and all your tables should be using the ENCRYPTED_TS tablespace:
    select * from user_tables
  2. Run the following query and check if the ENCRYPTED_TS table space shows Yes:
    select tablespace_name,encrypted from user_tablespaces

The following specifics of Advisors database deployment must be considered if the above Oracle features are used.

[+] Platform, Metric Graphing, and Genesys Adapter Metrics Databases

List of Function-Based Indexes

TDE limitations related to the column-based encryption of the content with function-based indexes are applicable to the Advisors Suite. The Advisors schema contains a number of function-based indexes that need to be modified or dropped if the column-based encryption of the related columns is chosen. See the following Table.

Platform Schema

Index Table Column expression
IX_APPLICATION_NAME APPLICATION – Contains application group metadata UPPER("NAME")
IX_CALL_APP_UP CALL_APPLICATION – Contains metadata for queues, call types, services, interaction queues UPPER("NAME")
IX_CALL_CENTER_NAME CALL_CENTER – Contains contact center metadata UPPER("NAME")
IX_CALL_CREGION_NAME REGIONS – Contains metadata for geographic regions, reporting regions and operating units UPPER("NAME"), UPPER("TYPE")
IX_CG_UP CONTACT_GROUP – Contains metadata for workforce contact groups UPPER("NAME")
IX_CG_ORIGIN CONTACT_GROUP UPPER("WFM_EQUIVALENT_ID"), UPPER("SOURCE_SYSTEM")
IX_CONTACT CONTACT – Contains Advisors users contact data UPPER(“EMAIL”)
IX_PG_NAME PG – Contains metadata for peripheral gateways UPPER("PG_NAME")
IX_USERS_USERNAME USERS – Contains the list of Advisor users UPPER("USERNAME")
IX_KEY_ACTION_NAME KEY_ACTION UPPER("NAME")
IX_ADAPTER_INST_HOST_PORT ADAPTER_INSTANCES UPPER(“HOST”)
This page was last modified on July 21, 2014, at 12:07.

Feedback

Comment on this article:

blog comments powered by Disqus