Security Resources

Software Updates

Trustwave DbProtect Sensor 4.3.1

Trustwave DbProtect Sensor 4.3.1

Trustwave is pleased to announce the release of Trustwave DbProtect Sensor 4.3.1. DbProtect Sensor version 4.3.1 is compatible with DbProtect Suite release 6.4.4 and higher. It includes SHATTER Knowledge Base Release 5.21. Sensor version 4.3.1 introduces many new features that include:

• Support for Microsoft SQL Server 2016

• New Installer Bundle for Windows

o The bundle includes 3 components, all visible in ARP (Add/Remove Programs).

• DbProtect Sensor Installation Manager

• DbProtect Sensor

o This is an updated installer that was not included in the 4.2 service pack.

o It is now completely command-line driven (no UI) to support silent installs.

• DbProtect Sensor Network Driver

o To completely uninstall Sensor, go to the ARP applet and select DbProtect Sensor Installation Manager.

• Provisional Support for pluggable container databases in Oracle 12.1

o  For non-production environments who would like to beta test this version of sensor for Oracle 12.1 in a pluggable container environment.


Improvements & Bug Fixes:

• Alert levels in DbProtect policies are mapped one-to-one to syslog severity.

o  To change the mapping, see syslogSeverityMapping_sensor_override.xml


  • An instance of Sensor should only be assigned to monitor a single database instance when monitoring a container database on Oracle 12.1.
  • A single policy applies to all containers in a database instance. Container-specific policies are being considered as a future enhancement.
  • If a database connection cannot be established at any time, sensor will issue a MONITORING UNAVAILABLE event. In some, but not all cases, sensor will also shut down.
  • Some valid connect identifiers may not be supported yet. We recommend using a connect descriptor if possible.
  • Purging of audit records may not be fully functional in Oracle 12.1.
  • Oracle 12.1 on Windows sometimes has IPV6 enabled even without an IPV6 infrastructure. If IPV6 is enabled in this case, Oracle may report local connections using a non-existent link-local scope IPV6 address for the loopback interface. DbProtect Sensor does not recognize this configuration and may miss alerts. Disabling IPV6 will resolve this issue.

Download Trustwave DbProtect Sensor 4.3.1 from the Trustwave Support Portal. For additional assistance please contact Trustwave Customer Support.