Upgrading Symantec Data Loss Prevention with Oracle RDS
search cancel

Upgrading Symantec Data Loss Prevention with Oracle RDS

book

Article ID: 176247

calendar_today

Updated On:

Products

Data Loss Prevention Enforce

Issue/Introduction

The steps to upgrade Symantec Data Loss Prevention include the following:

  1. Prepare the Oracle RDS for the Symantec Data Loss Prevention upgrade.
    The steps to prepare the Oracle RDS differ slightly compared to an on-premises upgrade. Refer to the Solution section below. 
  2. Install the latest Java Runtime Environment.
  3. Install the Enforce Server.
  4. Upgrade the Enforce Server.

See "Upgrading Symantec Data Loss Prevention to a new release" in the Symantec Data Loss Prevention Upgrade Guide for Windows or Linux.

Resolution

Preparing the Oracle RDS for a Symantec Data Loss Prevention upgrade

The following Oracle RDS-related preparations must be made before you upgrade the Symantec Data Loss Prevention database schema for version 15.x:

Preparing the Oracle RDS for a Symantec Data Loss Prevention upgrade
Step Action More info
1 Back up the Oracle RDS database before you start the upgrade. You cannot recover from an unsuccessful upgrade without a backup of your Oracle RDS database.

See the Symantec Data Loss Prevention Oracle 19c Implementation Guide
2 Set Oracle variables.

Setting variables in the Oracle RDS database
3 Prepare to run the Update ReadinessPreparing to run the Update Readiness Tool for Amazon RDS for Oracle Prepare to run the Update Readiness Tool for Oracle RDS
4 Create the Update Readiness Tool database account.

Creating the Update Readiness Tool database account for Amazon RDS for Oracle
5

Run the Update Readiness Tool for Oracle RDS.

Running the Update Readiness Tool for Amazon RDS for Oracle

Setting variables in the Oracle RDS database

You set the ORACLE_HOME, and java CLASSPATH: ORACLE_HOME variables before you begin the upgrade process. If you do not set these variables, you cannot complete the migration process during the Enforce Server upgrade process.

To set the variables:

  1. Log on as a domain user.
  2. In the command prompt, run the following command to set the ORACLE_HOME variable.
    Confirm your Oracle version and installation path before setting this variable. For example:
    set ORACLE_HOME=c:\oracle\product\12.2.0.1\db_1
  3. Run the following command to set the java CLASSPATH: ORACLE_HOME variable:
    • For Windows:
      set CLASSPATH=%CLASSPATH%;JAVA_HOME\lib;.;
      echo %CLASSPATH%
    • For Linux: 
      export CLASSPATH=${CLASSPATH.EN_US}:.
      echo $CLASSPATH

Preparing to run the Update Readiness Tool for Oracle RDS

Preparing the Update Readiness Tool includes downloading the tool and moving it to the Enforce Server.

To prepare the Update Readiness Tool for Oracle RDS:

  1. Obtain the latest version of the tool (for both major or minor release versions of Symantec Data Loss Prevention) from the Broadcom support portal.
    The latest version of the Update Readiness Tool includes important fixes and improvements, and should be the version that you use before attempting any upgrade. 
    Symantec recommends that you download the tool to the DLPDownloadHome\DLP\15.X\URT directory on the Enforce Server. Create the URT folder if it does not already exist.
  2. Unzip the tool, then copy the contents of the unzipped folder to the following location on
    the Enforce Server. Do not unzip the tool as a folder to this location; the contents of the
    tool folder must reside directly in the URT folder as specified:
    c:\Program Files\Symantec\DataLossPrevention\EnforceServer\15.5\Protect\Migrator\URT\
  3. Copy oracle_create_user_aws_oracle_rds.sql to the ../URT/script folder.
    This SQL script creates a schema with necessary privileges to the Oracle RDS.

Creating the Update Readiness Tool database account

You can run the Update Readiness Tool from the command prompt on the Enforce Server host computer.

To run the Update Readiness Tool for Oracle RDS:

  1. Logon as the RDS Master user.
    The following steps use masteruser for the RDS Master user and password for the password. Enter information specific to your implementation for these values.
  2. Run the following script:
    sqlplus masteruser/password@endpoint_name.rds.amazonaws.com:1521/protect
  3. Run the following script to grant full access to the DATA_PUMP_DIR to the "protect" user.
    SQL> GRANT read,write on DIRECTORY DATA_PUMP_DIR to protect;
  4. Run the following script to logon to the Oracle RDS:
    sqlplus username/password@endpoint_name.rds.amazonaws.com:1521/RDS Servicename
    Replace username, password, and RDS Servicename with information specific to your implementation.
  5. Run the following script to create Update Readiness Tool database account:
    SQL> @oracle_create_user_aws_oracle_rds.sql
  6. Enter the following information where prompted:
    • Please enter required username to be created: protect_urt
    • Please enter a password for the new username: protect

​A message displays indicating that the process was succesfull.

Running the Update Readiness Tool for Oracle RDS

To run the Update Readiness Tool for Oracle RDS:

  1. Run the following command:
    java UpdateReadinessTool
  2. Enter the following information when prompted:
    • Please enter the database username: protect
    • Please enter the database user password: protect
    • Please enter the database readiness username: protect_urt
    • Please enter the database readiness user password: protect
    • Please enter the database service name: endpoint_name.rds.amazonaws.com:1521/protect

After the test completes, you can locate the results in a log file in the /output directory. This directory is located where you extracted the Update Readiness Tool. If you do not include [--quick] when you run the tool, the test may take up to an hour to complete. You can verify the status of the test by reviewing log files in the /output directory.

Powered by Wolken Software