Oracle Information InDepth



Stay Connected

Oracle on Twitter Oracle on Facebook Oracle on Youtube Oracle Blog Oracle on LinkedIn Google+

April 2013

Subscribe Forward

Back to the main page

Analyst Report: KuppingerCole on Oracle Audit Vault and Database Firewall

In February 2013, leading European security analyst firm KuppingerCole issued a snapshot review of the recently launched Oracle Audit Vault and Database Firewall, "a solution that supports the entire stack around the database, from the operating system to custom application log files," writes Martin Kuppinger, the report's author.

Built to monitor both Oracle and non-Oracle database traffic, Oracle Audit Vault and Database Firewall detects and blocks threats. At the same time, it simplifies compliance reporting by consolidating audit data from databases, operating systems, directories, and other sources.

Unified Monitoring and Auditing Platform
The new product represents more than just two products—Oracle Audit Vault and Oracle Database Firewall—offered as a single solution.

"Notably this is about integration, not just about a suite of two different products," the report's author writes. "The new offering has a single administrator console and fully integrates the two products."

As a result of this integration, events generated by the database firewall component are automatically provided to the audit vault component, which securely gathers data from all monitored databases.

Combining Accuracy and Performance
Leading the list of strengths cited by KuppingerCole is Oracle's SQL grammar-based approach to database event filtering. This approach "provides a very high level of accuracy and allows finding a good balance between avoiding false negatives at all and minimizing the number of false positives," the report finds.

To support environments that are highly sensitive to performance restraints, the solution also provides flexible deployment models, remote monitoring, a high-availability mode, and support for inline blocking and monitoring.

Other strengths of Oracle Audit Vault and Database Firewall cited in the KuppingerCole report include

  • Support for leading relational database systems, beyond Oracle Database
  • Integration of database firewall and audit/event management, leading to database-specific security information and event management capability
  • Support for audit and event sources across most of the stack, including operating systems (currently Microsoft Windows and Oracle Solaris), file systems, and custom audit sources
  • Flexibility to monitor, audit, or both
  • A strong security approach, including delivery as a hardened soft appliance, separation-of-duty features, and a fine-grained internal security model
Download the KuppingerCole review.

Find out more about Oracle Audit Vault and Database Firewall.
Back to Top

Please send questions or comments to

This document is provided for information purposes only, and the contents hereof are subject to change without notice. This document is not warranted to be error-free, nor is it subject to any other warranties or conditions, whether expressed orally or implied in law, including implied warranties and conditions of merchantability or fitness for a particular purpose. We specifically disclaim any liability with respect to this document, and no contractual obligations are formed either directly or indirectly by this document. This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission.

Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group.

Hardware and Software, Engineered to Work Together

Contact Us | Legal Notices and Terms of Use | Your Privacy Rights


Oracle Corporation - Worldwide Headquarters, 500 Oracle Parkway, OPL - E-mail Services, Redwood Shores, CA 94065, United States

Your privacy is important to us. You can login to your account to update your e-mail subscriptions or you can opt-out of all Oracle Marketing e-mails at any time.

Please note that opting-out of Marketing communications does not affect your receipt of important business communications related to your current relationship with Oracle such as Security Updates, Event Registration notices, Account Management and Support/Service communications.