Organizations, today, have hundreds of databases, apps, and several operating systems where user and administrator activity must be audited and monitored from security and compliance point of view. This requires constant collection and analysis of massive amount of activity data to run reports and generate alerts on anomalous activities. This is where Database Activity Monitoring (DAM) solutions such as Oracle Audit Vault and Database Firewall (AVDF) comes in.
Oracle Audit Vault and Database Firewall is a comprehensive Database Activity Monitoring (DAM) solution that consolidates activity audit data from Oracle and non-Oracle databases, operating systems, and directories, and provides security and compliance reports. It can serve as the first line of defence for your data assets. The solution was first introduced in 2012, merging two existing products – Oracle Audit Vault and Oracle Database Firewall – into a single unified offering that, for the first time, took advantage of the synergy between native database audit and network-based activity monitoring to provide a comprehensive view of database activity.
Oracle AVDF secures databases and other critical components of IT infrastructure such as operating systems in these key ways:
Detective and Preventive Controls
AVDF solution monitors and audits the activities of privileged and application users inside the database continuously monitors application behavior, recognizes unexpected or unauthorized attempts and helps to prevent SQL injection, application bypass, and other malicious activities from reaching the database.
Database Firewall for Activity Monitoring and Blocking
Oracle Database Firewall incorporates a sophisticated next-generation SQL grammar analysis engine that inspects SQL statements going to the database and determines with high accuracy whether to allow, log, alert, substitute, or block the SQL. This enables organizations to minimize false alerts and collect only important data.
Fine Grained, Customizable Reporting and Alerting
Dozens of out-of-the-box compliance reports provide easy, schedulable, customized reporting for regulations such as GDPR, PCI, GLBA, HIPAA, IRS 1075, SOX, and UK DPA. Fine-grained authorizations enable security managers to restrict auditors and other users to information from specific sources, allowing a single repository to be deployed for an entire enterprise.
Enterprise Audit Data Consolidation and Lifecycle Management
By collecting native audit data from databases, AVDF provides a complete view of database activity along with full execution context irrespective of whether the statement was executed directly, through dynamic SQL, or through stored procedures. Maliciously modified stored procedures are a frequent vector for data theft – stored procedure tracking helps you quickly spot changes. With support for Oracle’s unified audit, it is easy to implement best practices for auditing using pre-seeded audit policies.
Deployment Flexibility and Scalability
Oracle Audit Vault and Database Firewall supports both cloud and on-premise databases with one single dashboard, giving customers insight into the activities on their databases. The multi-stage Database Firewall can be deployed in-line as a database proxy server, or out-of-band in network sniffing mode, or with a host-based agent that relays network activity back to the firewall for analysis and recording.
Oracle Audit Vault and Database Firewall helps organizations increase security by proactively monitoring database activity on the network and inside the database, protecting against SQL injection threats, consolidating audit data into a secure and scalable repository, and automating reporting to support audit and compliance activities.
1. Managed Services (onsite/offshore)
2. Professional Services
